====== Policy Route for one Application ====== for example to bypass VPN for a single app: https://serverfault.com/a/704253 ip rule add fwmark 2 table 3 ip route add default via 10.0.0.1 table 3 ip route flush cache iptables -t mangle -A OUTPUT -p tcp --dport 465 -j MARK --set-mark 2 Maybe relax source path validation? See Stackoverflow!