Oh, I thought of one additional requirement, if it is possible. I use port knocking to open ports to services. I would like port knocks to also be forwarded to my targeted "dmz" systems as well. This has been a real head scratchier for me also...   Marc...

I suggest using OpenWRT for this. It's a linux distro designed for routers, but you can also install it on x86 PC. It has a web ui, that allows to configure it all.