To allow only specific IP addresses to connect to a specific port, use the following:
iptables -I INPUT -p tcp -s 0.0.0.0/0 --dport 3306 -j DROP
iptables -I INPUT -p tcp -s 192.168.1.100 --dport 3306 -j ACCEPT
tcp is the protocol (may also be
192.168.1.100 is the IP address (change it to the one you want to allow)
3306 is the port number (change it as well)
The first command blocks all communication for this port. The second command then adds an exception for a specific IP address; because -I inserts each rule at the top of the chain, the exception is checked before the block. The second command can be repeated for any IP address that should be allowed.
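
The same two-step procedure for several allowed addresses, as an added example that is not part of the original page; the function names and the two extra sample sources are assumptions made here. The script validates its arguments and only prints the iptables commands, DROP first, so they can be reviewed before being run as root.

```shell
#!/bin/sh
# Added example, not from the original page: print the DROP + ACCEPT commands
# for a port and a list of allowed sources, after validating every argument.

# Succeeds if $1 is a dotted-quad IPv4 address, optionally with a /0-32 prefix.
valid_source() {
    addr=${1%/*}
    case $1 in
        */*) prefix=${1#*/}
             case $prefix in ''|*[!0-9]*) return 1 ;; esac
             [ "$prefix" -le 32 ] || return 1 ;;
    esac
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr            # split into octets (digits and dots only here)
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Usage: allowlist_rules PORT SOURCE...
# Prints the commands in the order they must run: the DROP first, then one
# ACCEPT per source. Each -I inserts at the top of INPUT, so every ACCEPT
# lands above the DROP and is matched first.
allowlist_rules() {
    port=$1; shift
    case $port in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
    { [ "$port" -ge 1 ] && [ "$port" -le 65535 ]; } ||
        { echo "bad port: $port" >&2; return 1; }
    [ $# -ge 1 ] || { echo "no sources: refusing a bare DROP" >&2; return 1; }
    # Validate everything before printing anything, so a typo cannot leave the
    # port blocked with only part of the allowlist in place.
    for src in "$@"; do
        valid_source "$src" || { echo "bad source: $src" >&2; return 1; }
    done
    echo "iptables -I INPUT -p tcp -s 0.0.0.0/0 --dport $port -j DROP"
    for src in "$@"; do
        echo "iptables -I INPUT -p tcp -s $src --dport $port -j ACCEPT"
    done
}

# Constructed sample input: the page's address plus two made-up sources.
allowlist_rules 3306 192.168.1.100 192.168.1.101 10.20.0.0/16
```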