DNAT and webserver's access_log

The problem is simple - I have a router at my home which forwards
incoming requests to different boxes, everything's working ok just the
thing that apache access_log contains only the router's IP as the
source IP.

iptables configuration for web forward:

iptables -t nat -A postrouting_rule -d 10.0.0.0/24 -j SNAT --to-source
$WAN_IP
iptables -t nat -A prerouting_rule -p tcp --dport 80 -d $WAN_IP -j DNAT
--to 10.0.0.253
iptables -A forwarding_rule -p tcp --dport 80 -d 10.0.0.253 -j
ACCEPT

access_log:

<routers_wan_interface_ip> - - [29/Jan/2006:16:58:02 +0200] "GET /
HTTP/1.0" 200 0


Is there any way to forward the right IP for services on non-router's
boxes?

Thanks.

Am Sonntag, den 29.01.2006, 08:49 -0800 schrieb janiz:
> The problem is simple - I have a router at my home which forwards
> incoming requests to different boxes, everything's working ok just the
> thing that apache access_log contains only the router's IP as the
> source IP.
>
> iptables configuration for web forward:
>
> iptables -t nat -A postrouting_rule -d 10.0.0.0/24 -j SNAT --to-source
> $WAN_IP
> iptables -t nat -A prerouting_rule -p tcp --dport 80 -d $WAN_IP -j DNAT
> --to 10.0.0.253
> iptables -A forwarding_rule -p tcp --dport 80 -d 10.0.0.253 -j
> ACCEPT
>
> access_log:
>
> <routers_wan_interface_ip> - - [29/Jan/2006:16:58:02 +0200] "GET /
> HTTP/1.0" 200 0
>
>
> Is there any way to forward the right IP for services on non-router's
> boxes?
>
> Thanks.

Change your first rule to
iptables -t nat -A postrouting_rule -o $WAN_IF --to-source $WAN_IP

Greets
Chris