I'm using * for ANY because that's what you see when you view the rules page.
A quick and dirty breakdown of the example rule:
TCP * * 192.168.200.19 25(SMTP) *
Pass TCP traffic from any host with any source port with the destination of 192.168.200.19 port 25
gateway and schedule are left at defaults.
Most services are pure TCP, so you would select TCP from protocol. http://en.wikipedia.org/wiki/Internet_protocol_suite
The source should be left as ANY unless you want to restrict access to the service (eg- you might allow ssh only from the source IP of your home connection)
There are few reasons to restrict the source port, so leave it at default...
The destination is the private IP of the machine running the service.
The destination port is the port the service is listening onhttp://en.wikipedia.org/wiki/TCP_and_UDP_port
You can safely leave the rest of the settings at default.
The tricky ones in your list are FTP, which is such a mess that it has it's own troubleshooting FAQ, and PPTP, which uses GRE in addition to the TCP port. Try using the redirection under VPN, PPTP, or look through the PPTP section of the forum.
1-1's are more of a manual setup, port-forwards are bit more friendly to a new user, as they will auto-create the correct firewall rule for you by default.