I have a system that is actually running Docker containers as shown below:
6c4085f4e4bd tlantis-docker/frontend:latest "/bin/sh -c 'sh /usr…" 27 minutes ago Up 27 minutes 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:8443->8443/tcp frontend
954ab55ef804 /atlantis-docker/db:latest "docker-entrypoint.s…" 27 minutes ago Up 27 minutes 5432/tcp db
The only issue I am having is basically exposing port 5432 to the outside world.
This is running on CentOS Linux.
I did add the following NAT statement:
iptables -t nat -A DOCKER -p tcp --dport 5432 -j DNAT --to-destination 172.16.2.3:5432
However, I feel there is something else still missing. 172.16.2.3 is my db container, and below is the output of my iptables:
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
PREROUTING_direct all -- anywhere anywhere
PREROUTING_ZONES_SOURCE all -- anywhere anywhere
PREROUTING_ZONES all -- anywhere anywhere
DOCKER all -- anywhere anywhere ADDRTYPE match dst-type LOCAL

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
OUTPUT_direct all -- anywhere anywhere
DOCKER all -- anywhere !loopback/8 ADDRTYPE match dst-type LOCAL

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.16.2.0/24 anywhere
MASQUERADE all -- 172.17.0.0/16 anywhere
POSTROUTING_direct all -- anywhere anywhere
POSTROUTING_ZONES_SOURCE all -- anywhere anywhere
POSTROUTING_ZONES all -- anywhere anywhere
MASQUERADE tcp -- 172.16.2.7 172.16.2.7 tcp dpt:pcsync-https
MASQUERADE tcp -- 172.16.2.7 172.16.2.7 tcp dpt:https
MASQUERADE tcp -- 172.16.2.7 172.16.2.7 tcp dpt:http

Chain DOCKER (2 references)
target prot opt source destination
RETURN all -- anywhere anywhere
RETURN all -- anywhere anywhere
DNAT tcp -- anywhere anywhere tcp dpt:pcsync-https to:172.16.2.7:8443
DNAT tcp -- anywhere anywhere tcp dpt:https to:172.16.2.7:443
DNAT tcp -- anywhere anywhere tcp dpt:http to:172.16.2.7:80
DNAT tcp -- anywhere anywhere tcp dpt:postgres to:172.16.2.3:5432

Chain OUTPUT_direct (1 references)
target prot opt source destination

Chain POSTROUTING_ZONES (1 references)
target prot opt source destination
POST_public all -- anywhere anywhere [goto]
POST_cerberus all -- anywhere anywhere [goto]
POST_public all -- anywhere anywhere [goto]

Chain POSTROUTING_ZONES_SOURCE (1 references)
target prot opt source destination

Chain POSTROUTING_direct (1 references)
target prot opt source destination

Chain POST_cerberus (1 references)
target prot opt source destination
POST_cerberus_log all -- anywhere anywhere
POST_cerberus_deny all -- anywhere anywhere
POST_cerberus_allow all -- anywhere anywhere

Chain POST_cerberus_allow (1 references)
target prot opt source destination

Chain POST_cerberus_deny (1 references)
target prot opt source destination

Chain POST_cerberus_log (1 references)
target prot opt source destination

Chain POST_public (2 references)
target prot opt source destination
POST_public_log all -- anywhere anywhere
POST_public_deny all -- anywhere anywhere
POST_public_allow all -- anywhere anywhere

Chain POST_public_allow (1 references)
target prot opt source destination

Chain POST_public_deny (1 references)
target prot opt source destination

Chain POST_public_log (1 references)
target prot opt source destination

Chain PREROUTING_ZONES (1 references)
target prot opt source destination
PRE_public all -- anywhere anywhere [goto]
PRE_cerberus all -- anywhere anywhere [goto]
PRE_public all -- anywhere anywhere [goto]

Chain PREROUTING_ZONES_SOURCE (1 references)
target prot opt source destination

Chain PREROUTING_direct (1 references)
target prot opt source destination

Chain PRE_cerberus (1 references)
target prot opt source destination
PRE_cerberus_log all -- anywhere anywhere
PRE_cerberus_deny all -- anywhere anywhere
PRE_cerberus_allow all -- anywhere anywhere

Chain PRE_cerberus_allow (1 references)
target prot opt source destination

Chain PRE_cerberus_deny (1 references)
target prot opt source destination

Chain PRE_cerberus_log (1 references)
target prot opt source destination

Chain PRE_public (2 references)
target prot opt source destination
PRE_public_log all -- anywhere anywhere
PRE_public_deny all -- anywhere anywhere
PRE_public_allow all -- anywhere anywhere

Chain PRE_public_allow (1 references)
target prot opt source destination

Chain PRE_public_deny (1 references)
target prot opt source destination

Chain PRE_public_log (1 references)
target prot opt source destination
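A check for the situation above, added here as an example and not part of the original question: the nat-table DNAT shown is only one of three rules Docker installs itself when a port is published with `-p` (the DNAT, a hairpin MASQUERADE, and an ACCEPT in the filter-table DOCKER chain that the FORWARD chain jumps to), and this script audits an `iptables-save` dump for all three. The sample dump, the bridge name `br-atlantis` and the function names are constructed; the container IP and port are the ones from the post.

```shell
# Added example (not from the post): audit an iptables-save dump for the three
# rules Docker installs for a published port. A DNAT added by hand in the nat
# DOCKER chain covers only the first of them.
# usage: iptables-save | audit_published_port <host-port> <container-ip>
# Prints one line per rule and returns 0 only when all three are present.
table_of() {                 # table_of <nat|filter>: one table of the dump in $dump
    printf '%s\n' "$dump" | sed -n "/^\*$1/,/^COMMIT/p"
}
check_rule() {               # check_rule <label> <table> <regex>
    if table_of "$2" | grep -Eq -- "$3"; then
        echo "$1: present"
    else
        echo "$1: MISSING"; missing=1
    fi
}
audit_published_port() {
    port=$1; cip=$2
    dump=$(cat); missing=0   # whole dump read from stdin
    # 1. nat DOCKER: DNAT of the host port to the container
    check_rule "nat DOCKER DNAT     " nat \
        "^-A DOCKER .*--dport $port -j DNAT --to-destination $cip:"
    # 2. nat POSTROUTING: MASQUERADE so the container can reach its own published port
    check_rule "nat POSTROUTING MASQ" nat \
        "^-A POSTROUTING -s $cip/32 -d $cip/32 .*--dport $port -j MASQUERADE"
    # 3. filter DOCKER: ACCEPT; without it the FORWARD chain drops the DNATed packets
    check_rule "filter DOCKER ACCEPT" filter \
        "^-A DOCKER -d $cip/32 .*--dport $port -j ACCEPT"
    return $missing
}

# Constructed sample dump (container IP and port from the post, bridge name made up):
# the nat DNAT was added by hand, the other two rules never were.
SAMPLE_DUMP='*nat
:POSTROUTING ACCEPT [0:0]
:DOCKER - [0:0]
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
-A POSTROUTING -s 172.16.2.0/24 ! -o br-atlantis -j MASQUERADE
-A DOCKER -p tcp -m tcp --dport 5432 -j DNAT --to-destination 172.16.2.3:5432
COMMIT
*filter
:FORWARD DROP [0:0]
:DOCKER - [0:0]
-A FORWARD -o br-atlantis -j DOCKER
COMMIT'

printf '%s\n' "$SAMPLE_DUMP" | audit_published_port 5432 172.16.2.3 \
    || echo "=> 5432 is not fully published; publish it with 'docker run -p' instead"
```

Run against the live host as `iptables-save | audit_published_port 5432 172.16.2.3` (as root); a port that still binds to `0.0.0.0` reaches every interface, so restrict it in the publish spec if only local clients need it.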