Linux port-based routing using iptables/ip route

Posted by user42055 on Server Fault
Published on 2010-05-21T10:47:21Z


I have the following setup:

192.168.0.4        192.168.0.6      192.168.0.1
+-----------+      +---------+      +----------+
|WORKSTATION|------|  LINUX  |------| GATEWAY  |
+-----------+      +---------+      +----------+
                   192.168.150.10
                        |
                   192.168.150.9
                   +---------+
                   |   VPN   |
                   +---------+
                   192.168.150.1

WORKSTATION has a default route of 192.168.0.6. LINUX has a default route of 192.168.0.1.

I am trying to use the gateway as the default route, but route port 80 traffic via the VPN. Based on what I read at http://www.linuxhorizon.ro/iproute2.html I have tried this:

echo "1 VPN" >> /etc/iproute2/rt_tables
# sysctl takes key=value as a single argument (no spaces around "=")
sysctl -w net.ipv4.conf.eth0.rp_filter=0
sysctl -w net.ipv4.conf.tun0.rp_filter=0
sysctl -w net.ipv4.conf.all.rp_filter=0

# mark TCP/80 arriving on eth0, then send marked packets through table VPN
iptables -A PREROUTING -t mangle -i eth0 -p tcp --dport 80 -j MARK --set-mark 0x1
ip route add default via 192.168.150.9 dev tun0 table VPN
ip rule add from all fwmark 0x1 table VPN

When I run "tcpdump -i eth0 port 80" on LINUX, and open a webpage on WORKSTATION, I don't see the traffic go through LINUX at all. When I run a ping from WORKSTATION, I get this back from some packets:

92 bytes from 192.168.0.6: Redirect Host(New addr: 192.168.0.1)
Vr HL TOS  Len   ID Flg  off TTL Pro  cks      Src      Dst
 4  5  00 0054 de91   0 0000  3f  01 4ed3 192.168.0.4  139.134.2.18

Is this why my routing is not working? Do I need to put GATEWAY and LINUX on different subnets to prevent WORKSTATION from being redirected to GATEWAY? Do I need to use NAT at all, or can I do this with routing alone (which is what I want)?
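The setup the question describes, as an added example that is not part of the original post: the same fwmark/table configuration with valid sysctl syntax, plus ICMP redirects disabled on eth0, because the "Redirect Host" message above is LINUX telling WORKSTATION to send packets for that destination straight to GATEWAY, after which they bypass LINUX entirely and can never be marked. Interface names, addresses and the VPN table come from the question; the DRY_RUN switch (on by default, so the script only prints what it would run) is an assumption added for previewing without root.

```shell
#!/bin/sh
# Added example, not from the original post. Policy routing on LINUX:
# TCP/80 from the LAN goes out tun0 via table VPN, everything else follows
# the normal default route to GATEWAY. Addresses, interfaces and the VPN
# table are the question's own; DRY_RUN is an assumption for previewing.
# DRY_RUN=1 (default) prints each command; DRY_RUN=0 executes it (needs root).
DRY_RUN="${DRY_RUN:-1}"

run() {
    if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

ensure_table() {
    # Register table 1 as "VPN" once; the original ">>" appends on every run.
    grep -q '^1[[:space:]][[:space:]]*VPN$' /etc/iproute2/rt_tables 2>/dev/null ||
        run sh -c 'echo "1 VPN" >> /etc/iproute2/rt_tables'
}

setup_policy_routing() {
    # sysctl takes key=value as one argument; "key = value" (as in the
    # question) is parsed as three separate arguments and sets nothing.
    # Reverse-path filtering must be off: a reply arriving on tun0 for a
    # flow whose source is reachable via eth0 would otherwise be dropped.
    run sysctl -w net.ipv4.conf.all.rp_filter=0
    run sysctl -w net.ipv4.conf.eth0.rp_filter=0
    run sysctl -w net.ipv4.conf.tun0.rp_filter=0
    # Unmarked traffic is forwarded back out eth0 to GATEWAY on the same
    # subnet, so the kernel emits "Redirect Host" to WORKSTATION, which then
    # bypasses LINUX for that destination. Both keys must be 0: the
    # effective setting is conf/all OR conf/<interface>.
    run sysctl -w net.ipv4.conf.all.send_redirects=0
    run sysctl -w net.ipv4.conf.eth0.send_redirects=0
    run sysctl -w net.ipv4.ip_forward=1
    # Mark LAN-originated TCP/80 before the routing decision, then steer
    # marked packets to table VPN; "from all" is the default and is omitted.
    run iptables -t mangle -A PREROUTING -i eth0 -p tcp --dport 80 -j MARK --set-mark 0x1
    run ip route add default via 192.168.150.9 dev tun0 table VPN
    run ip rule add fwmark 0x1 table VPN
}

ensure_table
setup_policy_routing
```

Replies coming back through the VPN still need a route to 192.168.0.0/24 via 192.168.150.10 on the VPN side (or source NAT on tun0); this script does not configure that return path.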
