Iptables NAT to private network

Ive tried the man pages, and that helped a ton on setting up custom rules. However there was one thing I couldnt figure out.
it goes something like this:

my default gw has an external ip address of 63.214.114.34 (its dynamically assigned, but ill worry about that part) and an internal address of 192.168.0.2

what i want to be able to do is set up a webserver on 192.168.0.1. So Im trying to come up with iptable rules on my default gw that will forward port 80 requests to 63.214.114.34 to 192.168.0.1

ppp0 = link to the net
eth0 = link to 192.168.0.0

what i have so far:

iptables -t nat -A POSTROUTING -p tcp -s 192.168.0.1 -o ppp0 -j MASQUERADE

iptables -t nat -A PREROUTING -p tcp -d 63.214.114.34 --dport 80 -j DNAT --to 192.168.0.1:80


and I thought that would do it. but no. So ive tried alot of different combinations but no go. I compiled my kernel with NAT support, and there are no errors, so im guessing im missing something.


thanks in advance

nothing like answering your own question. here was the solution:

iptables -t nat -A POSTROUTING -s 0/0 -d 63.214.105.238 -p tcp \
--dport 80 -j SNAT --to 192.168.0.1



now the other way may have worked. I just figured out I couldnt access the webpage from my firewall, it just didnt like it. But other people could access my internal webserver.


if you have a more efficient way of doing it, or can explain why i couldnt see it from my firewall thatd be cool.