Packet filtering when using slirp4netns and rootless

[acromc]

Hi all, I am struggling to find a clean way to filter packet using iptables from the outside host to control a rootless container traffic that uses slirp4netns since it's exposed in the host as a normal process and not a link as is the case in rootflul contianers that use bridges.
So how can I use iptables rules from the outside world to control slirp4netns traffic without affecting the rest of the host traffic? I tried creating a bridge in the host namespace that masquerades its traffic to the default gateway in the host namespace, set an IP address for it and used that address in the option outbound_addr, but it messed up my wireguard connections with ICMP 126 port unavailable packets fro some reason.

Can pasta be a help for me in that case or it would be the same problem?

[mayasd]

Hello,
Finally, @acromc have you find a solution ?