I have recently blocked whole range of IP addresses coming from China on my server, but I have to allow one or few. However I am not much familiar with iptables rules precedence.
My rules regarding this special case are like this bellow:
Chain num pkts bytes target prot opt in out source destination
ALLOWIN 1 0 0 ACCEPT all -- !lo * 223.252.213.134 0.0.0.0/0
ALLOWOUT 1 0 0 ACCEPT all -- * !lo 0.0.0.0/0 223.252.213.134
CC_DENY 5 251 15060 DROP all -- * * 223.252.192.0/18 0.0.0.0/0
Will this work way I would expect?
First allow, 223.252.213.134 and then deny range 223.252.192.0/1?
Yes, iptables rules are applied on a first-match basis.
Will it work in the way you want? Yes.. if you've got the chains in the right order etc. - looks like you have.
But you can test it so you are more certain by temporarily changing the DENY so that instead of saying 223.252.192.0/18 it says 0.0.0.0/0
Once you have made that temporary change then you will know you have got it right if your allowed IP works, and no other IP does!
Once you are sure, then change it back.