Score:0

Port forwarding while preserving the source IP address with firewalld


I signed up with a new ISP and they don't provide me with an external IPv4 address. I've set up a virtual server (S) (that has an address) to relay all my stuff to my box at home (B) using a WireGuard tunnel.

On (S) I configured:

sysctl -w net.ipv4.ip_forward=1
firewall-cmd --zone=external --add-forward-port=port=<EXTERNAL PORT>:proto=<PROTOCOL>:toport=<INTERNAL PORT>:toaddr=<INTERNAL IP>
firewall-cmd --zone=external --add-masquerade
firewall-cmd --zone=external --add-port=<EXTERNAL PORT>/<PROTOCOL>

On (B) I configured:

firewall-cmd --zone=internal --add-port=<INTERNAL PORT>/<PROTOCOL>

The setup works quite well. All connections arrive at (B), but the source address is (obviously) masqueraded. Just removing the masquerading via firewall-cmd --zone=external --remove-masquerade on (S) does not work. My question now is: how can I achieve a similar setup with firewalld that does not masquerade the source IP addresses, so that I can still analyze the sources on (B)?

Thanks in advance!

Score:0

I figured out that this is impossible to do with firewalld. Anyways, I found a solution. Using Nginx proxy_protocol https://docs.nginx.com/nginx/admin-guide/load-balancer/using-proxy-protocol/ works perfectly for me.

mangohost
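With the approach in the answer above, every TCP connection that (S) relays to (B) begins with a PROXY protocol v1 line carrying the original client address, while the IP-level source (B) sees is still the relay's tunnel address. Added example, not code from the original post: a Python parser for that line on (B) that honours it only when the TCP peer is the relay's tunnel address (assumed here to be the constructed value 10.0.0.1), because any other peer could otherwise prepend its own line and assert a fake source.

```python
import ipaddress
from dataclasses import dataclass

# Constructed value: the relay (S)'s address on the WireGuard tunnel as seen by (B).
# Only this peer may assert a client address; otherwise any host reaching the port
# could prepend its own PROXY line and spoof the "real" source IP that (B) logs.
TRUSTED_RELAYS = {ipaddress.ip_address("10.0.0.1")}
MAX_V1_HEADER = 107  # longest valid PROXY v1 line, CRLF included

@dataclass
class ProxyV1:
    family: str    # "TCP4" or "TCP6"
    src_ip: str    # the client's real address, the value (B) wants to log
    dst_ip: str    # address the client connected to on (S)
    src_port: int
    dst_port: int

def parse_proxy_v1(data: bytes) -> tuple:
    """Split the PROXY v1 line off the start of a stream: returns
    (ProxyV1 or None, remaining bytes), None meaning 'PROXY UNKNOWN';
    raises ValueError if the line is missing, oversized or malformed."""
    end = data.find(b"\r\n", 0, MAX_V1_HEADER)
    if end < 0 or not data.startswith(b"PROXY "):
        raise ValueError("missing or oversized PROXY v1 header")
    line, rest = data[:end].decode("ascii"), data[end + 2:]
    fields = line.split(" ")
    if fields[1] == "UNKNOWN":
        return None, rest
    if len(fields) != 6 or fields[1] not in ("TCP4", "TCP6"):
        raise ValueError(f"bad PROXY v1 line: {line!r}")
    src, dst = ipaddress.ip_address(fields[2]), ipaddress.ip_address(fields[3])
    if src.version != dst.version or src.version != int(fields[1][3]):
        raise ValueError("address family does not match PROXY family")
    if not (fields[4].isdigit() and fields[5].isdigit()):
        raise ValueError("ports must be unsigned decimal integers")
    sport, dport = int(fields[4]), int(fields[5])
    if sport > 65535 or dport > 65535:
        raise ValueError("port out of range")
    return ProxyV1(fields[1], str(src), str(dst), sport, dport), rest

def real_client(data: bytes, peer_ip: str) -> str:
    """Address (B) should attribute the connection to: the PROXY line is honoured
    only when the TCP peer is the relay, else the IP-level source is used."""
    if ipaddress.ip_address(peer_ip) not in TRUSTED_RELAYS:
        return peer_ip
    hdr, _ = parse_proxy_v1(data)
    return hdr.src_ip if hdr else peer_ip
```

The same trust boundary is what nginx's set_real_ip_from expresses when (B) itself runs nginx with real_ip_header proxy_protocol.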
