linux
Oleg, 2020-10-19 21:49:03

Where is the error in iptables (NAT) rules?

iptables -A INPUT -p udp --dport 2306:2402 -m state --state NEW -j ACCEPT
iptables -A FORWARD -p udp --dport 2306:2402 -m state --state NEW -j ACCEPT
iptables -A FORWARD -i eth0 -p udp -d 33.33.33.33 --dport 2306:2402 -j ACCEPT
iptables -t nat -A PREROUTING -p udp -d 222.222.222.222  --dport 2306:2402 -j DNAT --to-destination 33.33.33.33
iptables -t nat -A POSTROUTING -p udp -d 33.33.33.33 --dport 2306:2402 -j MASQUERADE


A client with IP 11.11.11.11 goes to -> 222.222.222.222
It redirects him to 33.33.33.33, and from there he goes to the LAN -> 192.168.1.1.

So, the question:
With this scheme, ALL client connections to 192.168.1.1 appear to come from the address 222.222.222.222 (i.e. iptables replaces the client's address with its own).
If you remove 222.222.222.222 from the chain, then the addresses are correct.

How do I make NAT work in iptables so that when packets arrive I see the original sender's address?


2 answer(s)
Oleg, 2020-10-20
@VDT2

Yes... I've racked my brains. It seems like an impossible task.

alfss, 2020-10-20
@alfss

Don't use NAT.
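An added example, not part of either answer, that simulates what the two nat-table rules from the question do to one UDP packet: PREROUTING DNAT changes the destination, then POSTROUTING MASQUERADE replaces the client's source with the router's own address, which is exactly the symptom described. The egress address 222.222.222.222 is an assumption taken from the question; a real MASQUERADE uses the address of the interface the packet leaves on.

```python
import shlex

# Rules copied from the question (only the nat table rewrites addresses)
RULES = [
    "iptables -t nat -A PREROUTING -p udp -d 222.222.222.222 --dport 2306:2402 -j DNAT --to-destination 33.33.33.33",
    "iptables -t nat -A POSTROUTING -p udp -d 33.33.33.33 --dport 2306:2402 -j MASQUERADE",
]
# Constructed packet: the client from the question hitting the public address
PKT = {"proto": "udp", "src": "11.11.11.11", "dst": "222.222.222.222", "dport": 2350}

def parse_rule(line):
    """Reduce an 'iptables ... -A CHAIN ... -j TARGET' line to the options modelled here."""
    toks = shlex.split(line)
    r = {"table": "filter", "chain": None, "proto": None, "dst": None,
         "ports": None, "target": None, "to": None}
    opts = {"-t": "table", "-A": "chain", "-p": "proto", "-d": "dst", "-j": "target",
            "--to-destination": "to", "--to-source": "to"}
    for i, t in enumerate(toks):
        if t in opts:
            r[opts[t]] = toks[i + 1]
        elif t == "--dport":                     # single port or lo:hi range
            lo, _, hi = toks[i + 1].partition(":")
            r["ports"] = (int(lo), int(hi or lo))
    return r

def matches(r, pkt):
    return (r["proto"] in (None, pkt["proto"]) and r["dst"] in (None, pkt["dst"])
            and (r["ports"] is None or r["ports"][0] <= pkt["dport"] <= r["ports"][1]))

def nat_traverse(rules, pkt, egress_ip):
    """Return (src, dst) as the final receiver sees them.
    egress_ip: address of the router interface the packet leaves on; this is what
    MASQUERADE substitutes for the source (assumed value, not taken from the page)."""
    pkt = dict(pkt)
    nat = [r for r in map(parse_rule, rules) if r["table"] == "nat"]
    # PREROUTING runs before the routing decision: DNAT changes the destination
    for r in nat:
        if r["chain"] == "PREROUTING" and r["target"] == "DNAT" and matches(r, pkt):
            pkt["dst"] = r["to"]
            break
    # POSTROUTING runs after routing, on the already-DNATed packet:
    # SNAT/MASQUERADE replace the client's source, so the server never sees it
    for r in nat:
        if r["chain"] == "POSTROUTING" and r["target"] in ("SNAT", "MASQUERADE") and matches(r, pkt):
            pkt["src"] = r["to"] if r["target"] == "SNAT" else egress_ip
            break
    return pkt["src"], pkt["dst"]

if __name__ == "__main__":
    print("with MASQUERADE:   ", nat_traverse(RULES, PKT, "222.222.222.222"))
    print("without MASQUERADE:", nat_traverse(RULES[:1], PKT, "222.222.222.222"))
```

Dropping the POSTROUTING rule keeps the client's source intact, but then 33.33.33.33 must route its replies back through the DNAT box (for example by using it as default gateway), or the return traffic is never un-NATed and the client sees answers from the wrong address.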
