的确是我说错了，是代理端的服务程序

问题我已经找到了，linux kernel 2.2以上都不支持getsockname()直接返回原来实际请求的ip了，从网上得到一个函数，说用getsockopt可以返回原来的地址，但是我写的测试程序，getsockopt(..)返回的是错误返回-1,还是只能利用getsockname的返回得到代理端的地址。那位高手出手相就
/* nf_getsockname() - netfilter SO_ORIGINAL_DST variant of getsockopt()
*
* Within the new Linux netfilter framework, NAT functionality is cleanly
* separated from the TCP/IP core processing. In old days, you could easily
* retrieve the original destination (IP address and port) of a transparently
* proxied connection by calling the normal getsockname() syscall.
* With netfilter, getsockname() returns the real local IP address and port.
* However, the netfilter code gives all TCP sockets a new socket option,
* SO_ORIGINAL_DST, for retrieval of the original IP/port combination.
*
* This file implements a function nf_getsockname(), with the same calling
* convention as getsockname() itself; it uses SO_ORIGINAL_DST, and if that
* fails, falls back to using getsockname() itself.
*
* Public domain by Patrick Schaaf <bof@bof.de>
*/

int nf_getsockname(int fd, struct sockaddr *sa, int *salen)
{      int iret;

        if (*salen != sizeof(struct sockaddr_in)) {
                errno = EINVAL;
                return -1;
        }

#ifdef SO_ORIGINAL_DST
       if (0 == getsockopt(fd, SOL_IP, SO_ORIGINAL_DST, sa, salen)) {
               return 0;
            }
#endif

        return getsockname(fd, sa, salen);
}