Port Forwarding Using Iptables
If our server is located behind our firewall and it is using private ip, we can do port forwarding to enable access from outside to our server.
iptables -t nat -A PREROUTING -d [firewall public address] -p tcp --dport [local port] -j DNAT --to [remote machine]:[remote port]
As an example:
iptables -t nat -A PREROUTING -d 220.127.116.11 -p tcp --dport 8080 -j DNAT --to 10.20.20.51:80
Therefore, if a web browser is pointing to our public address at port 8080, she will be forwarded to our server running behind our firewall (but you must set proper SNAT or MASQUERADE setting first).