I agree with @dfrey - a first look at the rules you have provided should let packets on port 5009 OUT any interface, and then a response to an out packet should be INPUT accepted on any interface.
Chain OUTPUT (policy ACCEPT 302 packets, 41790 bytes)
should let any packets on any port on any interface out of the WP.
I would have thought the INPUT chain rule
301 24603 ACCEPT all -- any any anywhere anywhere ctstate RELATED,ESTABLISHED
should have allowed responses to packets that had been sent from the device to be received correctly (but not unsolicited input packets).
NOTE: This is a somewhat dangerous rule to have … if something goes wrong with an application on the WP, you could be up for a lot of data transmission costs as it will let in traffic that is responding to any existing outgoing packets.
The WP Yocto Linux uses the standard Linux iptables firewall system. I suggest that you get on the web and look up some iptables primers so you get a handle on the way packets flow through the firewall, what is meant by interfaces and how rules are constructed.
Can I ask what you are trying to achieve? 5009 is an odd port - are you trying to do some sort of VoIP?
The reason I ask is that some protocols return info on different ports than those that were used to send the request on. If this is the case with your protocol, then the rules as shown above may not let the responses back in (as they are coming back on a different port to that they went out on - so the RELATED,ESTABLISHED part of the ACCEPT rule will not match the returning packets). If you are using such a protocol, then you may need to look at one of the kernel IPTABLES helper modules for the protocol (if one exists).
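
Added example, not part of the original post: a simplified Python model of how connection tracking classifies inbound packets, showing why a reply from a different port falls outside `RELATED,ESTABLISHED` unless a helper has registered an expectation. The addresses, every port other than 5009, the class and function names, and the assumption that anything not matched by the rule is dropped are all illustrative.

```python
"""Toy model of netfilter connection tracking (simplified; not kernel code)."""
from typing import NamedTuple

class Packet(NamedTuple):
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

class ConnTrack:
    def __init__(self):
        self.flows = set()         # packets seen leaving the device
        self.expectations = set()  # (proto, remote_ip, local_ip, local_port)

    def outbound(self, pkt):
        # OUTPUT policy is ACCEPT: the flow is recorded so replies can match.
        self.flows.add(pkt)

    def expect(self, proto, remote, local, lport):
        # What a protocol helper does: pre-register a secondary flow.
        self.expectations.add((proto, remote, local, lport))

    def state(self, pkt):
        # A reply is ESTABLISHED only if it is the exact reverse of a sent tuple.
        reverse = Packet(pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if reverse in self.flows:
            return "ESTABLISHED"
        if (pkt.proto, pkt.src, pkt.dst, pkt.dport) in self.expectations:
            return "RELATED"
        return "NEW"

def input_verdict(ct, pkt):
    # Models one INPUT rule: ctstate RELATED,ESTABLISHED -> ACCEPT.
    # Assumption: everything else is dropped.
    return "ACCEPT" if ct.state(pkt) in ("RELATED", "ESTABLISHED") else "DROP"

def demo():
    ct = ConnTrack()
    dev, srv = "10.0.0.2", "203.0.113.10"               # constructed addresses
    ct.outbound(Packet("udp", dev, 40000, srv, 5009))   # request to port 5009
    same_port = Packet("udp", srv, 5009, dev, 40000)    # reply on the same tuple
    other_port = Packet("udp", srv, 6000, dev, 40001)   # reply on other ports
    before = [input_verdict(ct, same_port), input_verdict(ct, other_port)]
    ct.expect("udp", srv, dev, 40001)                   # helper adds expectation
    after = input_verdict(ct, other_port)
    return before, after

if __name__ == "__main__":
    print(demo())
```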