networking – Policy-based routing for WireGuard VPN on the client machine running Linux Debian

I was a Shadowsocks user before and a great feature of it was split-tunneling, that I could define a set of URLs to route through the proxy and route everything else through my usual Ethernet connection, I was wondering if the same could be achieved with a WireGuard VPN?

I came across this tutorial that is utilizing iptables and dnsmasq to achieve this functionality but it’s written with routers in mind while I have a DSL modem/router that’s not supported by OpenWRT or any other custom firmware and I also don’t have access to the VPN server configurations, so my only chance is to set this up on the client, my daily driver Linux machine.

Is this possible through iptables or whatever? A set-it-and-forget-it solution that would survive reboots would be great.

Here’s the output from ifconfig on my machine:

enp4s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.100  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::a0d3:edb5:922:7d52  prefixlen 64  scopeid 0x20<link>
        ether fc:aa:14:49:4e:ff  txqueuelen 1000  (Ethernet)
        RX packets 611020  bytes 791058267 (791.0 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 378746  bytes 55845802 (55.8 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 1424  bytes 139567 (139.5 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1424  bytes 139567 (139.5 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wg0: flags=209<UP,POINTOPOINT,RUNNING,NOARP>  mtu 1280
        inet 172.16.0.2  netmask 255.255.255.255  destination 172.16.0.2
        inet6 fd01:5ca1:ab1e:8dbf:19dc:743b:d5ea:8f66  prefixlen 128  scopeid 0x0<global>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 1000  (UNSPEC)
        RX packets 605536  bytes 761865576 (761.8 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 372376  bytes 39483120 (39.4 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0