linux
Dmitry, 2019-01-16 06:37:35

How to forward ports with -j MASQUERADE while keeping the real IP address?

Good afternoon! Please help me organize a reverse/transparent proxy server.
It is necessary to forward a certain port (999) from one server (1.1.1.1) to another server (2.2.2.2) and at the same time keep the client's real IP address. I'm almost sure that it's impossible to implement this using rules in iptables, but I still use the rules:
iptables -t nat -A PREROUTING -i venet0 -p tcp --dport 999 -j DNAT --to 2.2.2.2:999
iptables -t nat -A POSTROUTING -j MASQUERADE
These servers are not on the local network, and both addresses 1.1.1.1 and 2.2.2.2 are accessible from the Internet. That is, requests coming, for example, from client 188.1.1.1 to server 1.1.1.1:999 are successfully redirected to 2.2.2.2:999, and everything was fine until it became necessary to determine the real IP address of the client, because requests to 2.2.2.2 after MASQUERADE come from address 1.1.1.1 instead of 188.1.1.1.
I tried to study the issue with TPROXY in the mangle, but unfortunately I could not figure it out. Please help me find a solution for organizing a reverse proxy, where you can transfer the real address of the client.

1 answer(s)
Boris Syomov, 2019-01-16
@AaAAxzz

haproxy + send-proxy + proxy protocol support where it is forwarded, for example.
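
An added example, not part of the answer above and not HAProxy's code: with `send-proxy`, HAProxy on 1.1.1.1 prepends a PROXY protocol v1 line to each connection it opens to 2.2.2.2, and the receiving service has to parse it. The sketch below parses that line and accepts it only from the forwarder, since any host that can reach port 999 directly could otherwise claim an arbitrary client address. The function name, the trusted-proxy set and the sample bytes are assumptions made for illustration.

```python
import ipaddress

# Assumption: only the forwarder from the question (1.1.1.1) may send a header.
TRUSTED_PROXIES = {ipaddress.ip_address("1.1.1.1")}
MAX_V1_HEADER = 107  # longest v1 header the spec allows, CRLF included


def parse_proxy_v1(data: bytes, peer_ip: str):
    """Return (client_ip, client_port, remaining_payload).

    data    -- first bytes read from the accepted connection
    peer_ip -- address of the TCP peer as reported by the kernel
    """
    if ipaddress.ip_address(peer_ip) not in TRUSTED_PROXIES:
        raise PermissionError(f"PROXY header from untrusted peer {peer_ip}")
    end = data.find(b"\r\n", 0, MAX_V1_HEADER)
    if not data.startswith(b"PROXY ") or end == -1:
        raise ValueError("missing or oversized PROXY v1 header")
    fields = data[:end].decode("ascii").split(" ")
    payload = data[end + 2:]
    if fields[1] == "UNKNOWN":
        # The proxy could not determine the client; fall back to the peer.
        return peer_ip, None, payload
    if len(fields) != 6 or fields[1] not in ("TCP4", "TCP6"):
        raise ValueError("malformed PROXY v1 header")
    _, proto, src, dst, sport, dport = fields
    want = 4 if proto == "TCP4" else 6
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if src_ip.version != want or dst_ip.version != want:
        raise ValueError("address family does not match protocol field")
    if not (sport.isdigit() and dport.isdigit()) \
            or max(int(sport), int(dport)) > 65535:
        raise ValueError("invalid port")
    return str(src_ip), int(sport), payload


if __name__ == "__main__":
    # Constructed sample: what 2.2.2.2 would read first on a forwarded connection.
    sample = b"PROXY TCP4 188.1.1.1 1.1.1.1 56324 999\r\nhello"
    print(parse_proxy_v1(sample, "1.1.1.1"))
```

On 2.2.2.2, port 999 should additionally be firewalled so that only 1.1.1.1 can connect to it.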
