No, that's your case exactly:
The weak host model is just the reason behind the current implementation.
There's nothing to disable, you simply need to accept that OpenWrt firewall relies on the zone model which is based on the ingress interface, and apply the input zone policy accordingly, which is input reject for the guest zone in your case.
Create permissive traffic rules or redirects for specific protocols/ports.
You can limit rule scope to a specific destination IP if required.