This is important if you need public access to internal IPs such as at your office and don't want to use a VPN just to SSH into different servers:
Below forwards the port "10001" to the IP 126.96.36.199 on port 22 (of course adjust it to your needs).
iptables -t nat -A PREROUTING -p tcp --dport 10001 -j DNAT --to-destination 188.8.131.52:22
Remember to enable MASQUERADE on your NAT IPs or they won't be able to talk to the outside world (make sure the range is correct).
This says that IPs between 184.108.40.206-220.127.116.11 are NAT'd (adjust to reflect the range of your network).
-A POSTROUTING -m iprange --src-range 18.104.22.168-22.214.171.124 -j MASQUERADE
iptables, redirect, ports, nat, masquerade, howto, solutionthis, ips, vpn, ssh, servers, forwards, quot, ip, adjust, prerouting, tcp, dport, dnat, destination, enable, reflect, postrouting, iprange, src,