I think you mean forwarding ports to other machines (as opposed to just redirecting them on a particular interface/machine).

Oui :)

As for ipchains, i think it can do port forwarding itself-- this is from /sbin/ipchains --help:

--destination -d [!] address[/mask] [!] [port[:port]] destination specification

The destination, as far as I know is where the packet is headed. For instance, one of my chains says /sbin/ipchains -A input -p tcp -s 0/0 -d 192.168.0.1/32 80 -j ACCEPT "if the source of the packet is coming from any ip (0/0) and its destination is port 80 my own ip (192.168.0.1) ..accept it." I fiddled with getting ipchains to do what redir does a few months ago..and did not get anywhere. ipchains can be used to redirect (-j REDIRECT) one port to another (ex. 192.168.0.1:80 -> 192.168.0.1:21), on the same IP address..but not to another IP address.. Chrissy