In order to simply security for MongoDB installations, it should obey the files /etc/hosts.deny and /etc/hosts.allow on GNU/Linux and UNIX systems.
In order to do that, support for libwrap would have to be implemented.
Instead of having to fiddle with firewalls (both external and local filter based ones can be quite complex to manage) access restrictions could be implemented using very simple configuration lines in the two mentioned files.
It is to be mentioned that most modern UNIX/Linux daemons obey /etc/hosts.deny and /etc/hosts.allow and that it was a rather big surprise that MongoDB doesn't. As per principle of least surprise, this should be changed.