I have a VPN which has set up a default route, which is (of course) different to my gateway. All my traffic therefore gets routed through the tunnel.
However, I would like to exempt certain apps from going through the tunnel.
Using pfctl, I was able to do the following:
pass out quick route-to (en0 192.168.0.1) group specialgrp flags any
To send all traffic from apps belonging to the "specialgrp" (gid) out the standard gateway rather than the tunnel.
This works, insofar as the traffic does appear on the standard gateway when I use tcpdump. However, the source IP address is not correct: it's set to the address given to me by the VPN (a 10.0.0.0/8 address) rather than my local IP address. As a result the app can't operate, as the source IP is incorrect.
How do I correctly set the source IP of the outgoing packets so that they're set to the IP address of my computer, rather than the VPN?
Thanks