Brawling with iptables

I’ve been fighting for the last couple of days with iptables on my smoothwall machine, and I’m not sure where to turn next – might need to visit a forum or an IRC channel or something on the subject.

Anyway, at this point I have given telly a second IP, locked the webserver to one side and set up an iptables redirect from port 80 to 3128 (squid) on the other IP only, this tests fine, no problems, perfect.

The problem now lies purely on the smoothwall box.

I keep running into RTNETLINK errors, and can’t figure out how to get around them.

yoda (root) / $ /usr/sbin/ip route add default via 192.168.1.5 dev eth0 table proxy
RTNETLINK answers: File exists
yoda (root) / $ /usr/sbin/ip route add default via 192.168.1.5 dev eth0 table 200
RTNETLINK answers: File exists
yoda (root) / $ /usr/sbin/ip route add default via 192.168.1.5 dev eth0 table 201
RTNETLINK answers: File exists

I’m pretty sure it’s a kernel module, but basically I’ve been sampling off some instructions I found to make this work and trying to debug as best I can, and it’s just not working:

yoda (root) / $ /sbin/iptables -t mangle -A PREROUTING -j ACCEPT -p tcp --dport 80 -s 192.168.1.5
yoda (root) / $ /sbin/iptables -t mangle -A PREROUTING -j MARK --set-mark 3 -p tcp --dport 80
getsockopt failed strangely: No such file or directory
yoda (root) / $ /usr/sbin/ip rule add fwmark 3 table 2
RTNETLINK answers: Invalid argument
yoda (root) / $ /usr/sbin/ip route add default via 192.168.1.5 dev eth0 table 2
RTNETLINK answers: File exists

I’m lost at this point, and not sure which direction to look next. I found that xt_mark.ko wasn’t loaded and, having loaded it, that got me to these errors, but I’m not sure which way to go..
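For reference, here is the mark / rule / route sequence from the transcript above written as an idempotent script. This is an added example, not code from the post or from smoothwall; it checks each step before adding it, since `ip route add` answers "RTNETLINK answers: File exists" when the same route is already in that table. The proxy address 192.168.1.5, eth0, mark 3 and table 200 are constructed assumptions, as is the presence of the `iptables -C` option.

```shell
#!/bin/sh
# Added example, not from the original post. Idempotent version of the
# mark -> rule -> route sequence, with each step checked before it is
# added so that a re-run does not fail on entries already present.
# Constructed assumptions: proxy at 192.168.1.5 on eth0, fwmark 3,
# routing table 200, and an iptables that supports -C (check).
PROXY=192.168.1.5
IFACE=eth0
MARK=3
TABLE=200

# Takes the text of `ip route show table N`; succeeds if a default route
# is already there. That is exactly the case in which
# `ip route add default ...` answers "RTNETLINK answers: File exists".
table_has_default() {
    printf '%s\n' "$1" | grep -q '^default '
}

# Takes the text of `ip rule show` and a mark in hex (e.g. 0x3);
# succeeds if a rule for that fwmark is already installed.
rule_has_fwmark() {
    printf '%s\n' "$1" | grep -qF "fwmark $2 "
}

# Append a mangle/PREROUTING rule only if an identical one is absent.
mangle_rule() {
    iptables -t mangle -C PREROUTING "$@" 2>/dev/null ||
        iptables -t mangle -A PREROUTING "$@"
}

setup_policy_routing() {
    # Packets from the proxy itself must not be marked, or they would be
    # sent straight back to the proxy in a loop (ACCEPT ends the chain).
    mangle_rule -s "$PROXY" -p tcp --dport 80 -j ACCEPT
    mangle_rule -p tcp --dport 80 -j MARK --set-mark "$MARK"

    rule_has_fwmark "$(ip rule show)" "$(printf '0x%x' "$MARK")" ||
        ip rule add fwmark "$MARK" table "$TABLE"

    table_has_default "$(ip route show table "$TABLE")" ||
        ip route add default via "$PROXY" dev "$IFACE" table "$TABLE"

    # Show the path the kernel would actually pick for a marked packet.
    ip route get 198.51.100.10 mark "$MARK"
}

# Only touch the live system when explicitly asked (needs root).
if [ "${1:-}" = apply ]; then setup_policy_routing; fi
```

Run it as `sh script.sh apply` on the router; without the argument it only defines the functions.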
