Firewall rules between services in Swarm

Hi there.

I work in a production environment that is meant to be very restrictive. That means that every service must communicate only with the bare minimum that it needs, meaning our firewall rules must drop any connection except for the correct servers on the correct ports.

I searched for possible solutions to manage iptables rules between different overlay networks (on the same Swarm cluster) but to no avail. Any possible solution?