That said, likely more complex than the solution you’re looking for; also worth mentioning that unless you use the variant called single packet authorization (SPA), where only a single "knock" is needed, consisting of an encrypted packet — the port knocking sequence in theory is observable and reproducible by an attacker.
https://serverfault.com/questions/146569/iptables-how-to-all...
Found that by Googling [iptables whitelist by IP and port]. ___
Another approach is Port Knocking:
https://en.m.wikipedia.org/wiki/Port_knocking
That said, likely more complex than the solution you’re looking for; also worth mentioning that unless you use the variant called single packet authorization (SPA), where only a single "knock" is needed, consisting of an encrypted packet — the port knocking sequence in theory is observable and reproducible by an attacker.