iptables 中的配置 DNAT

我有 2 台由 VMWARE 创建的 PC

1. PC1（制作iptables路由器）：

ens33 's IP:  192.168.1.5/24  (network connection is bridged)
ens37 's IP:  192.168.2.2/24. (network connection is wmnet9)

2. PC2（Web 服务器）：

ens33 's IP:  192.168.2.1/24. (network connection is wmnet9)

3.我的IP真实PC：

192.168.1.16/24

如何表示我的真实电脑可以webserver通过连接到iptables？

我尝试过：

echo 1 />proc/sys/net/ipv4/ip_forward

iptables -t nat -A PREROUTING -p tcp 192.168.1.5 --dport 80 -j DNAT --to-destination 192.168.2.2:80
iptables -A FORWARD -p tcp -d 192.168.2.2 --dport 80 -j ACCEPT
iptables -A FORWARD -p tcp -S 192.168.2.2 --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -d 192.168.2.2 --dport 80 -j ACCEPT

但是我通过谷歌浏览器连接时收到警报无法访问此网站

我的 iptables 规则：

   iptables -v -x -n -L  


    Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

     pkts   bytes target  prot opt in   out  source        destination

     9      456 ACCEPT     tcp  --  *    *   0.0.0.0/0      192.168.2.2 tcp dpt:80

    Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

    pkts    bytes target  prot opt in   out  source        destination

      0      0  ACCEPT     tcp  --  *    *   0.0.0.0/0      192.168.2.2 tcp dpt:80

      0      0 ACCEPT     tcp  --  *     *   192.168.2.2    0.0.0.0/0 tcp spt:80

    Chain OUTPUT (policy ACCEPT 9 packets, 360 bytes)

    pkts    bytes target  prot opt in   out  source        destination

--

    iptables -t nat -v -x -n -L

    Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)

    pkts bytes target  prot opt in    out   source        destination

     9   456   DNAT   tcp  --  *      *   0.0.0.0/0    192.168.168.1.5 tcp dpt:80 to:192.168.2.2:80

    Chain INPUT (policy ACCEPT 9 packets, 456 bytes) 

     pkts bytes target  prot opt in  out  source   destination

    Chain OUTPUT (policy ACCEPT 594 packets, 38555 bytes)

     pkts bytes target  prot opt in  out  source   destination

    Chain POSTROUTING (policy ACCEPT 181 packets, 11845 bytes)

     pkts bytes target  prot opt in  out  source   destination

     413  26710  SNAT   all  --  *  ens33 0.0.0.0/0  0.0.0.0/0 to:192.168.1.5