This is important if you need public access to internal IPs such as at your office and don't want to use a VPN just to SSH into different servers:
Below forwards the port "10001" to the IP 220.127.116.11 on port 22 (of course adjust it to your needs).
iptables -t nat -A PREROUTING -p tcp --dport 10001 -j DNAT --to-destination 18.104.22.168:22
Remember to enable MASQUERADE on your NAT IPs or they won't be able to talk to the outside world (make sure the range is correct).
This says that IPs between 22.214.171.124-126.96.36.199 are NAT'd (adjust to reflect the range of your network).
-A POSTROUTING -m iprange --src-range 188.8.131.52-184.108.40.206 -j MASQUERADE
iptables, redirect, ports, nat, masquerade, howto, solutionthis, ips, vpn, ssh, servers, forwards, quot, ip, adjust, prerouting, tcp, dport, dnat, destination, enable, reflect, postrouting, iprange, src,