u need to know iptables commands. visit
www.netfilter.org to learn it.
i will try to explain DNAT;
DNAT changes the destination ip address from ip packets headers. so it can be forwarded to host which is located in private lan. SNAT must be enabled for that private host. otherwise ip packets comes fron internet cannot return. so connection cant be established. sure first u must turn on routing in your linux.
example.. eth0 has public ip of email server. eth1 is connected to email server. email
public ip : 212.1.1.2
server ip : 192.168.0.2
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 25 -j DNAT --to 192.168.0.2
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 110 -j DNAT --to 192.168.0.2
iptables -t nat -A POSTROUTING -s 192.168.0.2 -j SNAT -to 212.1.1.2