iptables dropping all packets that don't match a destination port
03:53 11 Jan 2026

I want to drop all packets (from interface wg0) that are not coming in on port 51821.

Claude told me to use the rules

```
iptables -A INPUT -i wg0 -p udp --dport 51821 -j ACCEPT
iptables -A INPUT -i wg0 -j DROP
```

but (according to the Ubuntu wiki for iptables) ACCEPT says a table is finished and I wonder if setting it manually like this might interfere with other things.

OTOH, `iptables` understands negation, so I think I should be able to achieve what I want with

```
iptables -A INPUT -i wg0 ! -p udp ! --dport 51821 -j DROP
```

Would my approach even work and is it better than the double rule approach?

iptables netfilter
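An added example (not part of the original post, and a toy model rather than iptables itself) that compares the two rule sets quoted above packet by packet. It assumes first-match evaluation with every match inside a rule ANDed and an INPUT policy of ACCEPT, and it reads the single negated rule literally without modelling whether iptables accepts that command line; the packet samples and all Python names are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple


@dataclass(frozen=True)
class Packet:
    iface: str
    proto: str
    dport: int


Match = Callable[[Packet], bool]
Rule = Tuple[List[Match], str]  # (matches that must ALL hold, target)


def verdict(chain: List[Rule], pkt: Packet, policy: str = "ACCEPT") -> str:
    """Walk the chain in order; the first fully matching rule decides.
    If no rule matches, the chain policy applies (assumed ACCEPT here)."""
    for matches, target in chain:
        if all(m(pkt) for m in matches):
            return target
    return policy


def on_wg0(p: Packet) -> bool: return p.iface == "wg0"
def is_udp(p: Packet) -> bool: return p.proto == "udp"
def to_51821(p: Packet) -> bool: return p.dport == 51821
def negate(m: Match) -> Match: return lambda p: not m(p)


# -A INPUT -i wg0 -p udp --dport 51821 -j ACCEPT  /  -A INPUT -i wg0 -j DROP
TWO_RULES: List[Rule] = [([on_wg0, is_udp, to_51821], "ACCEPT"), ([on_wg0], "DROP")]
# -A INPUT -i wg0 ! -p udp ! --dport 51821 -j DROP  (literal reading: NOT udp AND NOT 51821)
ONE_RULE: List[Rule] = [([on_wg0, negate(is_udp), negate(to_51821)], "DROP")]

# Constructed sample packets.
SAMPLES: Dict[str, Packet] = {
    "wg0 udp/51821": Packet("wg0", "udp", 51821),
    "wg0 udp/53": Packet("wg0", "udp", 53),
    "wg0 tcp/22": Packet("wg0", "tcp", 22),
    "wg0 tcp/51821": Packet("wg0", "tcp", 51821),
    "eth0 tcp/22": Packet("eth0", "tcp", 22),
}


def compare() -> Dict[str, Tuple[str, str]]:
    """Return {sample: (verdict under TWO_RULES, verdict under ONE_RULE)}."""
    return {n: (verdict(TWO_RULES, p), verdict(ONE_RULE, p)) for n, p in SAMPLES.items()}


if __name__ == "__main__":
    for name, (two, one) in compare().items():
        print(f"{name:15} two-rule={two:6} negated={one}")
```

In this model the two sets disagree on `wg0 udp/53` and `wg0 tcp/51821`: the intended condition is NOT (udp AND port 51821), which is (NOT udp) OR (NOT port 51821), while matches inside one rule combine with AND.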