Thanks for the reply!
So this works:
-A INPUT -s x.x.x.x/x -i eno1 -p udp -m udp -j ACCEPT
^ address being the gateway
The question is now - how to narrow down the scope as much as possible to create as secure a setup as is possible with the current technology?