simple, but not for me.

[outspoken]

ok, ill lay out a simple plan of what i need done. of course ive tried a lot of the options listed in this listeserv, and cant seem to get them working properly. also read some howtos and other various things but just came seem to get things working. there was one post that i thought was going to be helpful recently, but all they talked about was how its a security risk and they should really look into a dmz. well i cant right now since i don't have another ethernet card so please someone post simple iptables examples for me to use. =)     i have a machine = 192.168.0.8 which is behind the firewall = 192.168.0.1 what i need to do is have 192.168.0.8 be visible to the public for web serving, ssh, mysql. that is all.   my nat setup currently works fine with 3 machines behind the firewall.   modules loaded:   insmod ip_tables insmod ip_conntrack insmod ipt_state insmod ipt_limit insmod iptable_filter.o insmod iptable_mangle.o insmod ipt_LOG.o insmod ipt_MASQUERADE.o insmod ipt_REDIRECT.o insmod ipt_REJECT.o insmod iptable_nat.o there are only 2 NAT lines in use:   iptables -t nat -F iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE   please advice as to what is needed, this does not need to be a super solution, this is a temporary thing for someone i trust to login and test out some code he is doing for me on a web project. the reason these functions cant be done on the firewall machine is because the php/mysql/apache setup on there is god awful and i have not been able to fix that.   thanks a lot!