Question about ip/port redirection

[rvn2k2]

Hey guys.. I've got a question, I have "Server A" with real internet ip 1.2.3.4 (eth0) and lan ip 192.168.1.1 (eth1)
There's also "Server B" with lan ip 192.168.1.2 (eth0), I'm running an Apache Web server on "Server B", so I want to redirect all traffic from IP 1.2.3.4 port 80 (Server A) to 192.168.1.2 port 80 (Server B), using the following rule:

Code:

iptables -P FORWARD ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -t nat -A PREROUTING -p tcp -d 1.2.3.4 --dport 80 -j DNAT --to 192.168.1.2:80

This actually works pretty good, from internet I can browse ttp://1.2.3.4
But the problem is that if I check the Apache logs, all incoming connections seems to come from 192.168.1.1 instead of showing the real source ip addresses (internet ip's) so this is screwing up all my web stats, I've been looking for hours and hours on how to make a transparent redirect, but can't find any info, I know there must be a way because my old WRT54G router which uses iptables could do it.

Please help, thanks

[Lazydog]

You just need to MASQ the traffic going to the internet. Anything internal you don't need to MASQ.

If I understand your setup right remove the MASQ rule for eth1 as it is not needed.

[rvn2k2]

Thanks, I removed that line, but the problem persists :P

[Lazydog]

IPTABLES Tutorial