IPTables and Port Forwarding?
$hy_guy asks: "I have been totally striking out finding some info on how to do port forwarding in Linux. I am currently running Mandrake 8.1 as my router and I would like to forward a particular port to another machine on my LAN. I'm pretty sure I have to use iptables but I have been very unsuccessful at the proper syntax. I have scoured through Google and I have not really found any useful info. I would appreciate just a link or something to point me in the correct direction. Thanks for the help." I know many of you may think this is an FAQ, but it seems that IPTables confuses many people as this is not the first time this question has hit the bin. If someone has a good general reference on the use of IPTables, please share.
Heh... by coincidence, I just finished a project for the local hospital... I was coding a full-featured firewall based on Linux, and it had to integrate seamlessly with a WinNT network, including limiting 'net access by user name, and it had to work totally transparently for the users. Since a number of people in the hospital use Remotely Anywhere to connect from home, port forwarding became an issue for us.
The syntax for port forwarding is:
iptables -t nat -I PREROUTING -p <protocol> --dport <destination port> -j DNAT --to-destination <destination IP>:<destination port>
Note that you can remap port numbers, too, if need be (i.e. traffic coming in on port 80 is redirected internally to port 5000).
Make sure you have the destination NAT target compiled in (I think it might be, by default), and make sure you enable all the NAT stuff you need.