2個介面的埠轉發不起作用

我正在執行 debian，並且我有以下網路配置：

eth0      Link encap:Ethernet
         inet addr:192.168.16.6  Bcast:192.168.16.255  Mask:255.255.255.0
         inet6 addr: fe80::204:75ff:fe9b:50e5/64 Scope:Link
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:167010058 errors:0 dropped:0 overruns:1 frame:0
         TX packets:286396455 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:3019943786 (2.8 GiB)  TX bytes:161811580 (154.3 MiB)
         Interrupt:16 Base address:0x2c00

eth1      Link encap:Ethernet
         inet6 addr: fe80::202:55ff:fe07:6d6/64 Scope:Link
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:276813626 errors:2444616 dropped:0 overruns:0 frame:0
         TX packets:87946731 errors:0 dropped:0 overruns:0 carrier:0
         collisions:2444616 txqueuelen:1000
         RX bytes:1634441886 (1.5 GiB)  TX bytes:2402441796 (2.2 GiB)
         Interrupt:29

lo        Link encap:Local Loopback
         inet addr:127.0.0.1  Mask:255.0.0.0
         inet6 addr: ::1/128 Scope:Host
         UP LOOPBACK RUNNING  MTU:16436  Metric:1
         RX packets:3896208 errors:0 dropped:0 overruns:0 frame:0
         TX packets:3896208 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:828004427 (789.6 MiB)  TX bytes:828004427 (789.6 MiB)

ppp0      Link encap:Point-to-Point Protocol
         inet addr:XXX.XXX.XXX  P-t-P:XXX.XXX.XXX.XXX  Mask:255.255.255.255
         UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
         RX packets:3324045 errors:0 dropped:0 overruns:0 frame:0
         TX packets:740415 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:3
         RX bytes:301507344 (287.5 MiB)  TX bytes:100747638 (96.0 MiB)

eth0 用於區域網路，eht1 連接到 DSL 調製解調器。我希望將所有來自網際網路（埠 81）的傳入流量重定向到我的區域網路（192.168.16.8:3000）中的機器。我正在使用 ufw，但我禁用它以使用乾淨的 iptables。我打算在配置完成後再次打開它。

我試過這個：

iptables -A PREROUTING -t nat -i eth1 -p tcp --dport 81 -j DNAT --to 192.168.16.8:3000
iptables -I FORWARD -p tcp --dport 81 -i eth1 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW --dport 81 -i eth1 -j ACCEPT

但是沒有用！這是包含 iptables -L 的完整日誌：http: //pastebin.com/5vXZ7pQu 這是 iptables-save 日誌： http: //pastebin.com/KPSCxL0x

我正在使用：net.ipv4.ip_forward = 1

謝謝！

界面不正確，事情是這樣的：

iptables -t nat -i ppp0 -A PREROUTING -p tcp --dport 81 -j DNAT --to-destination 192.168.16.8:3000
iptables -t nat -A POSTROUTING -p tcp --dport 81 -j MASQUERADE

引用自：https://serverfault.com/questions/626281