====== Policy Route for one Application ======

for example to bypass VPN for a single app:

https://serverfault.com/a/704253

<code>
ip rule add fwmark 2 table 3
ip route add default via 10.0.0.1 table 3
ip route flush cache
iptables -t mangle -A OUTPUT -p tcp --dport 465 -j MARK --set-mark 2
</code>

Maybe relax source path validation? See Stackoverflow!