With policies, we can set routing tables based on criteria such as
- source
- destination
- TCP flags
- ...
Furthermore, we can also set firewall marks (fwmark), either with policies or with WireGuard.
It would be great to be able to do the following:
set policy route FWMARK-42 rule 1000 fwmark 42
set policy route FWMARK-42 rule 1000 set table 100
which would result in something similar to:
ip rule add fwmark 42 iif $interface_where_policy_is_applied table 100
This would allow us to set a table depending on the fwmark.
In combination with the WireGuard fwmark setting, this would allow routing the WireGuard traffic with local PBR through a specific interface.
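
A manual Linux equivalent of the behaviour requested above, as an added example that is not part of the original request and is not VyOS code: it prints the `wg` and `ip` commands that send fwmark-tagged WireGuard traffic through a dedicated routing table. The interface names `wg0` and `eth1`, the gateway `192.0.2.1` and the rule priority 1000 are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: emit (not execute) the commands for fwmark-based routing.
# All sample values (wg0, eth1, 192.0.2.1, priority 1000) are constructed.

# Usage: fwmark_pbr_cmds <wg_if> <fwmark> <table> <out_if> <gateway>
fwmark_pbr_cmds() {
    [ $# -eq 5 ] || { echo "usage: fwmark_pbr_cmds wg_if fwmark table out_if gw" >&2; return 2; }
    wg_if=$1; mark=$2; table=$3; out_if=$4; gw=$5

    # Reject anything that is not a plain decimal number.
    case $mark$table in
        ''|*[!0-9]*) echo "fwmark and table must be decimal numbers" >&2; return 1 ;;
    esac
    # WireGuard treats fwmark 0 as "mark disabled", so it cannot select a table.
    [ "$mark" -gt 0 ] || { echo "fwmark must be non-zero" >&2; return 1; }
    # 0 (unspec), 253 (default), 254 (main) and 255 (local) are reserved tables.
    case $table in
        0|253|254|255) echo "table $table is reserved" >&2; return 1 ;;
    esac
    # The output is meant to be run by root, so allow only safe characters.
    case $wg_if$out_if in
        ''|*[!A-Za-z0-9_.-]*) echo "invalid interface name" >&2; return 1 ;;
    esac
    case $gw in
        ''|*[!0-9A-Fa-f.:]*) echo "invalid gateway address" >&2; return 1 ;;
    esac

    # 1. Tag the encrypted packets sent by the WireGuard socket.
    echo "wg set $wg_if fwmark $mark"
    # 2. Give the dedicated table its own default route.
    echo "ip route replace default via $gw dev $out_if table $table"
    # 3. Select that table for marked packets. No iif selector is used here,
    #    because the tunnel's encrypted packets are generated locally.
    echo "ip rule add fwmark $mark table $table priority 1000"
}

# Constructed sample call: fwmark 42 -> table 100, leaving via eth1.
fwmark_pbr_cmds wg0 42 100 eth1 192.0.2.1
```

Review the printed commands before running them as root; `ip rule show` and `ip route show table 100` confirm the result afterwards.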