David,
This sounds to me like infrastructure security requirement. IMO, Gateway is not the right place to implement it, rather you should reply on network firewalls. When you expose your Gateway system to external, there will be firewalls involved, and they will have capability to do such things. So I would suggest to contact your infra/network-security teams.
Let us know how it went.
Regards
Krishna