PcA-----------------|eth0:0 /Router/ eth0|-------------------PcB
.4_____10.0.0.0/24___.1_______________.14___192.168.1.0/24___.16

I'v started 3 VirtualMachines Ubuntu
I'v created allias virtual interface eth0:0 (10.0.0.1)
PcA default gateway .1 , and default route to .1
PcB doesnt know about 10.0.0.0/24

iptables -P INPUT ACCEPT
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -A FORWARD -i eth0:0 -o eth0 -s 10.0.0.0/24 -j ACCEPT
iptables -A FORWARD -i eth0 -o eth0:0 -p tcp --dport 22 -j ACCEPT
(or this instead: iptables -A FORWARD -p tcp -d 10.0.0.4 --dport 22 -j ACCEPT)
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 22 -j DNAT --to-destination 10.0.0.4:22
echo 1 > /proc/sys/net/ipv4/ip_forward

From PcB:
ssh 192.168.1.14 ---> ssh to 10.0.0.4 doesnt work??
But if: iptables -P FORWARD ACCEPT then it works.
I cant find what is wrong in FORWARD chains, when default action is DROP on FORWARD...

If you want to see what is going on then use tcpdump to look at the traffic.
If tcpdump doesn't work for you you could add logging to your firewall and look there to see what is going on.

Can't make heads nor tails of your network layout above.

I have solved it finally.

-i and -o parameters were problem i think.
anyway, two forward rules for ssh from pcb to pca to work are:

sudo iptables -A FORWARD -s 10.0.0.0/24 -j ACCEPT // let packets from private network out to internet
sudo iptables -A FORWARD -d 10.0.0.4 -p tcp --dport 22 -j ACCEPT //let incoming packets from internet coming on router public interface on port22 to be forwared to private pcA

p.s. whats wrong with layot ? its standard cisco scheme
left is network 10.0.0.0/24 with 10.0.0.4 PCa and a router interface 10.0.0.1
right is network 192.168.1.0/24 with .1 ruter interface and .16 address of pcB

thank u myself for solving this -.-
cheers

Been working with Cisco for a very long time and I've never seen this.

Glad you got it fixed the way you want it to be.