A strange instance I've used for forwarding output traffic to loopback
iptables -t nat -A OUTPUT -j DNAT --to-destination 127.0.0.1
Using the program fake to set up a fake interface eth0:0 with the same MAC address as eth0, for taking over a failed interface and looping all outgoing traffic back to self
iptables -t nat -A OUTPUT -o eth0:0 -j DNAT --to-destination 127.0.0.1
Attempting to forward VNC traffic
Getting the packets to the VNC server:
External: eth1 169.254.200.196
Internal: eth0 192.168.19.200
VNC Server: 192.168.2.200
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 5900 -j DNAT --to-destination 192.168.2.200:5900
It looks like this gets the packets to the server because VNC client waits for a while and then gives a timeout.
It needs the outgoing packets to look like they are coming from the firewall. This is the part that I think is causing this to not work...
iptables -t nat -A POSTROUTING -o eth1 -p tcp -j SNAT --to-source 169.254.200.196
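
One arrangement that meets the requirement stated above (the VNC server sees the firewall as the source), written as an added example and not the author's own rules. It applies SNAT on the interface facing the server and adds the FORWARD rules the translated packets need. Assumptions: the server is reached through eth0, and the function name vnc_forward_rules and its optional allowed-client argument are hypothetical.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for the VNC port-forward.
# Interface names and addresses are the ones in the notes; the function
# name and the allowed-client argument are assumptions of this example.

# vnc_forward_rules EXT_IF INT_IF INT_ADDR SERVER PORT [ALLOWED_SRC]
vnc_forward_rules() {
    ext_if=$1 int_if=$2 int_addr=$3 server=$4 port=$5 src=${6:-0.0.0.0/0}

    # Refuse anything that is not a plain port number in 1-65535.
    case $port in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 1; }

    cat <<EOF
*nat
# Inbound: rewrite the destination so the connection reaches the VNC server.
-A PREROUTING -i $ext_if -s $src -p tcp --dport $port -j DNAT --to-destination $server:$port
# Towards the server: make the packet appear to come from the firewall's
# internal address, so replies return through the firewall and conntrack
# can reverse both translations.
-A POSTROUTING -o $int_if -d $server -p tcp --dport $port -j SNAT --to-source $int_addr
COMMIT
*filter
# The translated packets traverse FORWARD, not INPUT.
-A FORWARD -i $ext_if -o $int_if -d $server -p tcp --dport $port -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
-A FORWARD -i $int_if -o $ext_if -s $server -p tcp --sport $port -m conntrack --ctstate ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Typical use (as root, with net.ipv4.ip_forward=1); --test parses only:
#   vnc_forward_rules eth1 eth0 192.168.19.200 192.168.2.200 5900 \
#       | iptables-restore --noflush --test
```

Passing a sixth argument such as a management subnet in CIDR form limits which clients can reach the forwarded VNC port; without it the port is open to anything arriving on the external interface.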