iptables nat prerouting redirect failing from server outside of network [closed]

view story

http://serverfault.com – I have a kippo honeypot setup on our local network, and our DMZ uses: sysctl net.ipv4.ip_forward=1 ldconfig iptables -t nat -A PREROUTING -p tcp -s $ATTACKER_IP --dport 22 -j DNAT --to-destination iptables -t nat -A POSTROUTING -j MASQUERADE There is also a port forward on the router so port 2222 can be hit from outside the network. I've tested it, and it works just fine. The problem occurs when I try to forward from a cloud server to $PUBLIC_IP:2222. The rules above, which work fine for internal, don't seem to want to comply. Am I missing something? (HowTos)