
iptables forwarding while keeping source IP


Avg-Joe

Jun 22, 2012, 3:08:55 PM
I'm trying to forward SNMP traps from our DMZ through iptables to our SNMPTRAP sink. I've configured it using the following rules:

iptables -t nat -A PREROUTING -i eth0 -p udp -m udp --dport 162 -j DNAT --to-destination 10.20.30.40:162
iptables -A FORWARD -i eth1 -p udp -m udp --dport 162 -j ACCEPT

And configured the host to allow forwarding:

# sysctl -w net.ipv4.ip_forward=1

However, when I run a tcpdump on eth1, where the packets should egress, I notice that the source IP is that of the local server and not the originating device.

Not sure what I am missing.

Thanks

Avg-Joe

Jun 22, 2012, 3:24:45 PM
Should have noted, this is on Redhat Enterprise 5.8

Pascal Hambourg

Jun 23, 2012, 5:44:08 AM
Hello,

Avg-Joe wrote:
AFAIK, the DNAT target does not change the source address. Nor does the
ACCEPT target, of course.
Is this the complete ruleset (output of iptables-save)?
Notes:
1) If the default policy is ACCEPT, you don't need extra rules with the
ACCEPT target.
2) If the second rule is meant to accept packets DNATed by the first
one, then the input interface is wrong.
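
An added example, not part of the original thread: a shell function that scans iptables-save output for nat-table rules that rewrite the source address (SNAT or MASQUERADE), which is the kind of rule the complete ruleset requested above would reveal. The sample ruleset is constructed, and the MASQUERADE rule in it is an assumption for illustration, not something the poster reported.

```shell
#!/bin/sh
# find_src_rewrite: read iptables-save output on stdin and print every
# nat-table rule whose target rewrites the source address.
# Optional $1 = egress interface; rules bound to a different -o interface
# are skipped, rules with no -o match are always reported.
find_src_rewrite() {
    awk -v oif="$1" '
        /^\*/ { table = substr($1, 2); next }   # "*nat", "*filter", ...
        table != "nat" || $1 != "-A" { next }   # only rules in the nat table
        {
            target = ""; out = ""
            for (i = 1; i < NF; i++) {
                if ($i == "-j") target = $(i + 1)
                if ($i == "-o") out = $(i + 1)
            }
            if (target != "SNAT" && target != "MASQUERADE") next
            if (oif != "" && out != "" && out != oif) next
            print
        }'
}

# Constructed sample: the two rules from the question plus a hypothetical
# MASQUERADE rule of the kind that would explain the rewritten source IP.
sample_ruleset() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i eth0 -p udp -m udp --dport 162 -j DNAT --to-destination 10.20.30.40:162
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i eth1 -p udp -m udp --dport 162 -j ACCEPT
COMMIT
EOF
}

# Report source-rewriting rules that apply to traffic leaving eth1.
sample_ruleset | find_src_rewrite eth1
```

On a live host the input would be the real ruleset, for example: iptables-save | find_src_rewrite eth1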