Suggest using an LXD proxy device:
lxc stop c1
lxc config device override c1 eth0 ipv4.address=10.96.212.100
lxc config device add c1 myproxy proxy listen=tcp:192.168.1.128:80 connect=tcp:0.0.0.0:80 nat=true
lxc start c1
The connect=tcp:0.0.0.0:80 part means to use the static IP assignment of the container for the DNAT.
Check the iptables DNAT rule is added:
sudo iptables -L -v -n -t nat
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- * * 0.0.0.0/0 192.168.1.128 tcp dpt:80 /* generated for LXD container c1 (myproxy) */ to:10.96.212.100:80
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- * * 0.0.0.0/0 192.168.1.128 tcp dpt:80 /* generated for LXD container c1 (myproxy) */ to:10.96.212.100:80
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
10 1334 SNAT all -- * * 10.96.212.0/24 !10.96.212.0/24 /* generated for LXD network lxdbr0 */ to:192.168.1.99