Preserve source IP when using masquerade + rich-rule port-forwading

[crimewaffle]

What would you like to be added

Not sure if this is already implemented and just a mistake on my end or not.

The ability to preserve the IP of the origin when port-forwading using rich rules.

example: When users have a rule like rule family="ipv4" destination address="EXTERNALIP" forward-port port="80" protocol="tcp" to-port="80" to-addr="INTERNALIP" the service at INTERNALIP only sees the internal (NAT) gateway as a source instead of the "actual" source.

Why is this needed

No response