If you want to view your PAT (port address translation) entries for debugging:
pixfirewall# show xlate debug
If you want to forward a port on a public interface of a Cisco device performing NAT firewalling (PIX excluded, I'm sure it's got something special) to a port on a private host, you need destination NAT, which IOS configures as a static inside source NAT entry:
ip nat inside source static <tcp/udp/etc> <private IP> <private port> <public IP> <public port> extendable
Example:
ip nat inside source static tcp 192.168.1.100 22 66.188.71.74 22 extendable
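An added example (not from the original post): this Python script scans an IOS configuration for static port forwards in the form shown above and reports which private service each one exposes. The sample configuration is constructed, and the MGMT_PORTS list and the function name are assumptions of this example.

```python
import re

# Matches IOS static port-forward entries of the form shown above:
# ip nat inside source static <proto> <private IP> <private port> <public IP> <public port> [extendable]
STATIC_PAT = re.compile(
    r"^\s*ip nat inside source static (tcp|udp) "
    r"(\d{1,3}(?:\.\d{1,3}){3}) (\d{1,5}) "
    r"(\d{1,3}(?:\.\d{1,3}){3}) (\d{1,5})(?: extendable)?\s*$"
)

# Assumption: ports this audit treats as management services worth a second look.
MGMT_PORTS = {22: "ssh", 23: "telnet", 3389: "rdp"}

def audit_port_forwards(config_text):
    """Return one dict per static port forward found in an IOS config."""
    findings = []
    for lineno, line in enumerate(config_text.splitlines(), 1):
        m = STATIC_PAT.match(line)
        if not m:
            continue
        proto, priv_ip, priv_port, pub_ip, pub_port = m.groups()
        priv_port, pub_port = int(priv_port), int(pub_port)
        findings.append({
            "line": lineno,
            "proto": proto,
            "private": (priv_ip, priv_port),
            "public": (pub_ip, pub_port),
            # Flag on the private port: that is the service actually reached,
            # even when the public port has been moved elsewhere.
            "mgmt_service": MGMT_PORTS.get(priv_port) if proto == "tcp" else None,
        })
    return findings

# Constructed sample config; the first static entry is the example from the text.
SAMPLE_CONFIG = """\
interface FastEthernet0/0
 ip nat outside
ip nat inside source list 1 interface FastEthernet0/0 overload
ip nat inside source static tcp 192.168.1.100 22 66.188.71.74 22 extendable
ip nat inside source static tcp 192.168.1.50 3389 66.188.71.74 13389 extendable
ip nat inside source static udp 192.168.1.53 53 66.188.71.74 53
"""

if __name__ == "__main__":
    for f in audit_port_forwards(SAMPLE_CONFIG):
        note = f"  <- exposes {f['mgmt_service']}" if f["mgmt_service"] else ""
        print(f"line {f['line']}: {f['proto']} {f['public'][0]}:{f['public'][1]}"
              f" -> {f['private'][0]}:{f['private'][1]}{note}")
```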
If you need to fool a machine into believing that a host:port pair is local, you can use ipchains to redirect traffic. For example, the desired destination is www.example.com:80 and you want it to go to localhost:8080 (the rule below matches TCP port 80 on any destination address):
# echo '1' > /proc/sys/net/ipv4/ip_forward
# ipchains -A input -j REDIRECT 8080 -p tcp -s 0.0.0.0/0 -d 0.0.0.0/0 80
Note: No one really uses ipchains anymore, but it can be found on older systems.