Block UDP on LAN with iptables – DD-WRT Firmware Guide


Goal: To block UDP traffic to devices on the LAN side of this gateway (using dd-wrt firmware) that communicate with the internet and each other, to test specific communications applications running on each device.

Exceptions: allow the bare minimum UDP needed to support basic network operations for these devices to continue communicating (eg: via TCP) with internet and each other.

What I've tried so far:
Added rules (via SSH session) on this router/gateway:

iptables -I FORWARD -p udp -j DROP
iptables -I INPUT -p udp -j DROP

Observed (what's working well):

  • The rule iptables -I FORWARD -p udp -j DROP successfully blocks devices on LAN-side from communicating via UDP with devices on WAN-side, as verified by inability to communicate between these devices with utility ncat -u.

Observed (what's not working):

  • Devices on LAN-side can communicate with each other, using UDP:
    • On device-1 (on LAN-side): ncat -lvu # launch ncat listener using UDP on default port 31337
    • On device-2 (on LAN-side): ncat -vu <ip-addr-device-1> # launch ncat caller using UDP on default port 31337

Expectation (desired outcome):

  • ncat caller on device-2 unable to communicate using UDP to ncat listener on device-1.
  • ncat caller on device-2 able to communicate using TCP to ncat listener on device-1, by not using ncat param -u.

Additional info:

  • Using command iptables -I INPUT -p udp -j DROP impacts too much other communication, but was used anyway, to demonstrate the ineffectiveness of this rule in preventing UDP communication between these two devices.
  • Using hardware: tp-link AC1750 (Archer C7 v5)
  • Using firmware: dd-wrt, with setting "Operating Mode = Gateway"
  • Devices behind gateway are UWP, iOS, Android. Examples given here using UWP (Windows 10) devices.
  • I've seen How do I block UDP while still allowing outbound UDP connections with iptables?, but it doesn't appear effective in my case, as demonstrated by trying iptables -I INPUT -p udp -j DROP.

Best Answer

Most likely you cannot interfere with the LAN-to-LAN traffic. All devices I know of that run DD-WRT / OpenWRT have an integrated switch that switches traffic directly between LAN devices on layer 2.

Only traffic that needs forwarding is passed to the router part (layer 3) of the system, where Netfilter can intercept the traffic.

You can try setting up a Linux box with multiple Ethernet adapters and then bridging those adapters together. Then you can use br_netfilter to force the L2 traffic to go via Netfilter, allowing interception of the traffic.
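The bridge-plus-br_netfilter setup the answer suggests, as an added example that is not code from the question or the answer: two NICs (hypothetical names eth1 and eth2) are bridged as br0, br_netfilter is enabled so bridged frames traverse the iptables FORWARD chain, and one rule drops UDP whose ingress and egress are both the bridge (LAN-to-LAN) while TCP and WAN-bound traffic are left to the existing policy. This does not apply to the Archer C7's hardware switch, which never hands LAN-to-LAN frames to the CPU.

```shell
#!/bin/sh
# Added example (not from the original page). Assumed names: bridge br0,
# member ports eth1 and eth2. Run as root with "apply" to configure;
# without an argument the script only defines its functions.

BRIDGE=${BRIDGE:-br0}
PORTS=${PORTS:-"eth1 eth2"}
BRNF_SYSCTL=/proc/sys/net/bridge/bridge-nf-call-iptables

# Return 0 when the sysctl file given as $1 reports that bridged IPv4
# frames are handed to iptables (br_netfilter loaded and enabled).
brnf_enabled() {
    [ -r "$1" ] && [ "$(cat "$1")" = "1" ]
}

# Emit the FORWARD rule that drops UDP entering and leaving via the same
# bridge ($1). "-i br0 -o br0" only matches once br_netfilter is active;
# without it the frames never reach the FORWARD chain at all.
lan_udp_drop_rules() {
    echo "iptables -I FORWARD -i $1 -o $1 -p udp -j DROP"
}

apply() {
    modprobe br_netfilter
    ip link add name "$BRIDGE" type bridge
    for p in $PORTS; do
        ip link set "$p" master "$BRIDGE"
        ip link set "$p" up
    done
    ip link set "$BRIDGE" up
    sysctl -w net.bridge.bridge-nf-call-iptables=1
    brnf_enabled "$BRNF_SYSCTL" || { echo "br_netfilter not active" >&2; exit 1; }
    eval "$(lan_udp_drop_rules "$BRIDGE")"
    # Check the rule landed; then re-run the ncat -u / ncat tests from the
    # question: the UDP listener should stay silent, the TCP one should answer.
    iptables -L FORWARD -v -n | grep udp
}

if [ "${1:-}" = "apply" ]; then
    apply
fi
```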