So the proxy device is funny in that it doesn’t need to know the IP address of the container, in fact, it doesn’t even need the container to be connected to the network.
It’s effectively a tiny process which copies connections across network namespace, so you can have it forward port 22 of some IP on the host, to port 22 of 127.0.0.1 in the container, and that’ll work perfectly fine.