If I forward port 5764 to port 80 to my VOIP device, I can nmap and get a proper connection. If I forward port 5764 to port 22 to my server, it comes up filtered. It even happens if I try forwarding port 80 to my server. So I'm sure it has something to do with my server, but I'm not sure.

Here's my Linksys iptables:

Code:
:wanin - [0:0]
-A FORWARD -i vlan1 -j wanin
-A wanin  -p tcp -m tcp -d 192.168.2.2 --dport 80 -j ACCEPT
-A wanin  -p udp -m udp -d 192.168.2.8 -m mport --dports 5060,5061 -j ACCEPT
-A wanin  -p udp -m udp -d 192.168.2.8 --dport 10000:20000 -j ACCEPT
# cat /etc/iptables |grep 80   
-A PREROUTING -p tcp  -d xx.xx.xx.xx--dport 5764 -j DNAT --to-destination 192.168.2.2:80
-A POSTROUTING -p tcp --dport 80 -s 192.168.2.1/255.255.255.0 -d 192.168.2.2 -j SNAT --to-source xx.xx.xx.xx
-A wanin  -p tcp -m tcp -d 192.168.2.2 --dport 80 -j ACCEPT
# cat /etc/iptables         
*mangle
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i vlan1 -d 192.168.2.1/255.255.255.0 -j DROP
-A PREROUTING -p udp -s 192.168.2.1/255.255.255.0 ! -d 192.168.2.1/255.255.255.0 --dport 53 -j DNAT --to-destination 192.168.2.1
-A PREROUTING -p icmp -d xx.xx.xx.xx -j DNAT --to-destination 192.168.2.1
-A PREROUTING -p tcp -m tcp  -d xx.xx.xx.xx --dport 56983 -j DNAT --to-destination 192.168.2.1:443
-A PREROUTING  -p tcp -m tcp -d xx.xx.xx.xx --dport 56982 -j DNAT --to-destination 192.168.2.1:22
-A PREROUTING -p tcp  -d xx.xx.xx.xx --dport 5764 -j DNAT --to-destination 192.168.2.2:80
-A POSTROUTING -p tcp --dport 80 -s 192.168.2.1/255.255.255.0 -d 192.168.2.2 -j SNAT --to-source xx.xx.xx.xx
-A PREROUTING -p udp  -d xx.xx.xx.xx -m mport --dports 5060,5061 -j DNAT --to-destination 192.168.2.8
-A POSTROUTING -p udp -m mport --dports 5060,5061 -s 192.168.2.1/255.255.255.0 -d 192.168.2.8 -j SNAT --to-source xx.xx.xx.xx
-A PREROUTING -p udp  -d xx.xx.xx.xx --dport 10000:20000 -j DNAT --to-destination 192.168.2.8
-A POSTROUTING -p udp --dport 10000:20000 -s 192.168.2.1/255.255.255.0 -d 192.168.2.8 -j SNAT --to-source xx.xx.xx.xx
-A POSTROUTING -o vlan1 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i br0 -d 69.92.51.22 -j DROP
-A INPUT -m state --state INVALID -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i br0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp  -m tcp -d 192.168.2.1 --dport 443 -j ACCEPT
-A INPUT -p tcp  -m tcp -d 192.168.2.1 --dport 22 -j ACCEPT
:FORWARD DROP [0:0]
-A FORWARD -i br0 -o br0 -j ACCEPT
-A FORWARD -m state --state INVALID -j DROP
-A FORWARD -p tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1461: -j TCPMSS --set-mss 1460
:wanin - [0:0]
:wanout - [0:0]
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i vlan1 -j wanin
-A FORWARD -o vlan1 -j wanout
-A FORWARD -i br0 -j ACCEPT
-A wanin  -p tcp -m tcp -d 192.168.2.2 --dport 80 -j ACCEPT
-A wanin  -p udp -m udp -d 192.168.2.8 -m mport --dports 5060,5061 -j ACCEPT
-A wanin  -p udp -m udp -d 192.168.2.8 --dport 10000:20000 -j ACCEPT
COMMIT
And here's my server's iptables:

Code:
*filter
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp --icmp-type any -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i ra0 -p tcp -m state --state NEW  --dport 22 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW -m multiport --dports 20,22,21,25,53,69,80,111,139,161,443,445,631,636 --syn -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW -m multiport --dports 849,875,898,990,2049,8037,9830,32803,51235,56750 --syn -j ACCEPT
-A INPUT -i eth0 -p udp -m state --state NEW -m multiport --dports 20,21,53,67,69,111,123,137,138,161,631,849,875,989 -j ACCEPT
-A INPUT -i eth0 -p udp -m state --state NEW -m multiport --dports 990,1812,1813,1900,2049,5353,32769,56750 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT

*mangle
COMMIT

*nat
-A POSTROUTING -o ra0 -j MASQUERADE
COMMIT
Thank's for helping