#PATH/sbin/named
nic #
 iptables -F
nic #
 iptables -F -t nat
nic #
 # put east behind NAT portforward
nic #
 iptables -I PREROUTING -t nat -i eth1 -p udp --dport  500 -j DNAT --to 192.1.2.23:500
nic #
 iptables -I PREROUTING -t nat -i eth1 -p udp --dport 4500 -j DNAT --to 192.1.2.23:4500
nic #
 iptables -I PREROUTING -t nat -i eth1 -p tcp --dport  22 -j DNAT --to 192.1.2.23:22
nic #
 # and behind NAT
nic #
 iptables -I POSTROUTING -t nat -j SNAT -s 192.1.2.23/32 --to 192.1.2.123