How do I configure a custom firewall with kubernetes installed?

Kubernetes version:v1.26.4+k3s1
Cloud being used: bare-metal
Installation method:
Host OS: debian (arm64)
CNI and version: latest
CRI and version: latest

This seems like a very simple question, and before anyone says “google it,” to be honest I have tried and all that comes up is questions about the iptables rules that kubernetes automatically inserts, which doesn’t really answer my question.

I have a raspberry pi that I installed k3s on. Before installing k3s, I had added some basic iptables rules.
Here is a very basic explanation of what I want to accomplish.

  1. I only want to be allowed to access the kube API (port 6443) locally, so on localhost. Not over wired or wireless.
  2. I want to be able to access the pi via SSH over the wireless interface.
  3. I want to run a number of kubernetes deployments, and I only want these accessible via the wired interface, not over the wireless.

So I had all the rules for this in place. But when I install kubernetes (this is true of k3s or k8s, regardless) it adds a bunch of its own rules and rearranges all the existing rules.

Is there some different way I am supposed to configure the firewall with kubernetes?