Because my ISP doesn't allow service running on port 80, I wan to forward all trafic from internet that want to reach my port 80 to another port on another box (it start to be funny, isn't it? )

So I first tried to forward connection from inside the network to another box and I was successful... here is the first script:
$IPTABLES -A PREROUTING -t nat -j DNAT -s 192.168.0.1 -p tcp --dport http --to-destination 192.168.0.3
$IPTABLES -t nat -A POSTROUTING -s 192.168.0.3 -o ETH0 -j SNAT --to-source 192.168.0.1

This was working so now I'm tring to do the same thing but for the trafic coming from the net. But I have a problem ,since anyone can try to connect to me, I can't know where is "the source" I want to return to trafic to...
Example:

$IPTABLES -A PREROUTING -t nat -j DNAT -s 0/0 -p tcp --dport http --to-destination 192.168.0.3
$IPTABLES -t nat -A POSTROUTING -s 192.168.0.3 -o ppp0 -j SNAT --to-source ?.?.?.?


Now how can I know where to send back the trafic? is there a special option to ask iptables to memorize the ip from where the trafic is coming, to be able to send back the answer-trafic later?

I don't know if knowing that the ip address for "the internet" is 0.0.0.0 would help....

well why not?

If I can know what's the ip of the outside connection that want to access my apache server, I will be able to return the trafic to it after the forward... if not I can't return the trafic.

Although it wouldn't be easy, I believe the the packets of information contain the requesting IP address in their headers. I have no idea how to utilize that except with a sniffer of sorts