Do you have an ESTABLISHED,RELATED rule on your FORWARD chain?
Then I have been trying pretty much every combination of parameters for rules in 'iptables'. The latest I've got is:
iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 21 -j DNAT --to-destination 10.1.1.99
iptables -A FORWARD -d 10.1.1.99 -i eth1 -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to-source <WAN_IP>
The last line is just to share the gateway with the rest of the PCs on the LAN. Problem remains - I still can't see the FTP server. I know it's working because I can ftp straight into 10.1.1.99 on a local connection but I just can't seem to forward through the gateway. The LAN IP on the Linux box is 10.1.1.71 and I can ping the FTP server fine. I just can't get it to forward FTP traffic through iptables.