What I was trying to do this morning was to get my LDAP proxy going. By LDAP proxy I mean simple port 389 forwarding from one machine to the 389 port on actual LDAP server.
After intial attmpt to set up iptables to do what I wanted, I started to look through internet, as this posed to be non-trivial task, at least for me.
Eventually, after putting together instructions found on numerous web pages and forums I put together my Golden Instruction!!! TaDAM!
It looks like that:
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -A INPUT -p tcp --dport 389 -j ACCEPT
iptables -t nat -A POSTROUTING -d ldap_ip_number -j MASQUERADE
iptables -t nat -A PREROUTING -i bond0 -d box_ip_number -p tcp --dport 389 -j DNAT --to ldap_ip_number:389
It does the following:
you connect on port 389 of the "box" machine and you can use LDAP running on "ldap" machine.
Simple as it is, but finally I got my satisfaction.
Hope this helps! Good luck.