iptables -t nat -I PREROUTING 1 -d 11.22.33.44/24 -p tcp --dport 53 -j DNAT --to-destination 192.168.23.1/32:53
iptables -I FORWARD 1 -i vmbr0 -o vmbr1 -d 192.168.23.1/32 -p tcp --dport 53 -m conntrack --ctstate NEW -j ACCEPT

• apt-get install iptables-persistent -y
• iptables-save > /etc/iptables/rules.v4
• cat /etc/iptables/rules.v4

iptables -t nat -D PREROUTING -d 11.22.33.44/24 -p tcp --dport 53 -j DNAT --to-destination 192.168.23.1/32:53
iptables -D FORWARD -i vmbr0 -o vmbr1 -d 192.168.23.1/32 -p tcp --dport 53 -m conntrack --ctstate NEW -j ACCEPT

• iptables-save > /etc/iptables/rules.v4

iptables -t nat -I POSTROUTING 1 -s '192.168.23.0/24' -d 192.168.23.1/32/32 -o vmbr1 -j MASQUERADE

• iptables-save > /etc/iptables/rules.v4