Firewall setup

Hi, Has anybody used Linux in a such setup? Firewall box 3 ethernets. eth0: internet (Real IP) eth1: Local (192.168.1.0/24) eth2: DMZ (10.0.0.0/24) My problem is rather conceptual. What I'm trying to do is network address translation (NAT) but it's a wide topic and full of misconceptions and incompatibilities between documents. I specifically would like to translate 1 real IP to 1 unreal IP and 1-1 only. For instance; www.xxx.com is 195.195.195.10 (supposed to be a real IP) in the DNS. www.xxx.com runs on the virtual server 10.0.0.10 so the port 80 request to IP 195.195.195.10 should be routed to eth2 and translated as 10.0.0.10 back and forth. What tools do I need for such a setup in a 2.4 kernel ? Thanks in advance