You need to do the following
Read the information of the site refered by MAXUP
add an alias to the eth0 with the adress 201.139.31.250
add ip adress 10.0.0.1 to your DMZ eth2
give the ms webserver adress 10.0.0.2
Start building the script at that site
and this would be the result
#!/bin/sh
# iptables script generator: V0.1-2002
# Comes with no warranty!
# e-mail:
michael@1go.dk
# Diable forwarding
echo 0 > /proc/sys/net/ipv4/ip_forward
LAN_IP_NET='10.0.0.1/8'
LAN_NIC='eth1'
WAN_IP='201.139.100.90'
WAN_NIC='eth0'
FORWARD_IP='10.0.0.2'
# load some modules (if needed)
# Flush
iptables -t nat -F POSTROUTING
iptables -t nat -F PREROUTING
iptables -t nat -F OUTPUT
iptables -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
# enable Masquerade and forwarding
iptables -t nat -A POSTROUTING -s $LAN_IP_NET -j MASQUERADE
iptables -A FORWARD -j ACCEPT -i $LAN_NIC -s $LAN_IP_NET
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# STATE RELATED for router
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Open ports to server on LAN
iptables -A FORWARD -j ACCEPT -p tcp --dport 80
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 10.0.0.2:80
# Enable forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward