[root@mode~]# /etc/init.d/httpd start
[root@modehtml]# echo 111 > test.html


[root@modehtml]# route -nKernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.0.0     0.0.0.0         255.255.255.0   U    0      0        0 eth1
10.0.10.0       0.0.0.0         255.255.255.0   U     0     0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U    0      0        0 eth0
0.0.0.0         192.168.0.4     0.0.0.0         UG   0      0        0 eth1
0.0.0.0         192.168.0.1     0.0.0.0         UG   0      0        0 eth1
[root@test3domian]# echo 1 > /proc/sys/net/ipv4/ip_forward
[root@test~]# ifdown eth1
[root@test~]# route add default gw 10.0.10.62
[root@test~]# route -n
KernelIP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.10.0       0.0.0.0         255.255.255.0   U    0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U    1002   0        0 eth0
0.0.0.0         10.0.10.62      0.0.0.0         UG   0      0        0 eth0
[root@test~]# ping 192.168.0.4
PING192.168.0.4 (192.168.0.4) 56(84) bytes of data.
64bytes from 192.168.0.4: icmp_seq=1 ttl=64 time=22.0 ms
64bytes from 192.168.0.4: icmp_seq=2 ttl=64 time=0.245 ms
[root@test ~]# curl -dumphttp://192.168.0.110/test.html
111
[root@modelogs]# tail access_log
10.0.10.60- - [02/Feb/2014:20:33:27 +0800] "POST /test.htmlHTTP/1.1" 200 4 "-" "curl/7.19
.7 (x86_64-redhat-linux-gnu)libcurl/7.19.7 NSS/3.13.6.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
[root@test3domian]#  iptables -t nat -A POSTROUTING-s 10.0.10.0/24 -j SNAT --to-source 192.168.0.4
[root@mode logs]# tail access_log
10.0.10.60- - [02/Feb/2014:20:33:27 +0800] "POST /test.html HTTP/1.1" 200 4"-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7NSS/3.13.6.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
192.168.0.4- - [02/Feb/2014:20:37:13 +0800] "POST /test.htmlHTTP/1.1" 200 4 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu)libcurl/7.19.7 NSS/3.13.6.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
[root@test3domian]# iptables -t nat -L -n -v
ChainPREROUTING (policy ACCEPT 3 packets, 387 bytes)
pkts bytes target     prot opt in     out    source               destination        
 
ChainPOSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in     out    source              destination        
  2   144 SNAT       all --  *      *      10.0.10.0/24        0.0.0.0/0           to:192.168.0.4
 
ChainOUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in     out    source               destination
[root@test3domian]# iptables -A FORWARD -m state --state ESTABLISHED -j ACCEPT
[root@test3domian]#  iptables -A FORWARD -s10.0.10.0/24 -p tcp --dport 80 -m state --state NEW -j ACCEPT
[root@test~]# curl -dumphttp://192.168.0.110/test.html
111
[root@test3domian]# iptables -L -nv
ChainINPUT (policy ACCEPT 45 packets, 3241 bytes)
pkts bytes target     prot opt in     out    source              destination        
 
ChainFORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in     out    source              destination        
 27  2964 ACCEPT     all --  *      *      0.0.0.0/0           0.0.0.0/0           stateESTABLISHED
  3   180 ACCEPT     tcp --  *      *      10.0.10.0/24        0.0.0.0/0           tcp dpt:80state NEW
 
ChainOUTPUT (policy ACCEPT 31 packets, 4064 bytes)
pkts bytes target     prot opt in     out    source              destination