eth0 is bound to the external IP
eth1 is bound to the internal 10.0.0.X
This example uses the IPs you gave above.
Code:
#!/bin/bash
# Delete and flush. Default table is "filter". Others like "nat" must be explicitly stated.
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
# Set up IP FORWARDing and Masquerading
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface eth1 -j ACCEPT
# Allow loopback access. This rule must come before the rules denying port access!!
iptables -A INPUT -i lo -p all -j ACCEPT
iptables -A OUTPUT -o lo -p all -j ACCEPT
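# Used for forwarding ports to the internal box: DNAT rewrites the destination,
# then the FORWARD rule admits the translated connection (same port, 110).
iptables -t nat -A PREROUTING -p tcp -d 200.69.219.229 --dport 110 -j DNAT --to-destination 192.168.5.1
iptables -A FORWARD -o eth1 -p tcp -d 192.168.5.1 --dport 110 -m state --state NEW -j ACCEPT
# Enable IPv4 forwarding in the kernel
echo 1 > /proc/sys/net/ipv4/ip_forward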
I use that code on a firewall box and I haven't had any problems with it.