I am running a VPN in Windows 10 desktop (using OpenVPN) and the VPN is the default gateway, so that all traffic by default goes through the VPN tunnel.
However, I would like to exempt certain apps from the VPN, so that their traffic goes directly out the physical interface instead, bypassing the VPN (so-called "split tunnelling").
I assume this solution would involve the WFP (Windows Filtering Platform) API, and perhaps the Windows equivalent of
setsockopt(sock, SOL_SOCKET, SO_BINDTODEVICE, device, sizeof(device))
I have this working in Linux currently via "cgroups" and policy-based routing/multiple routing tables.
But it is my understanding that Windows has neither policy-based routing nor multiple routing tables. But I can still think of a way of achieving this in Windows, though I cannot find the APIs to make it happen.
One way is to hook the socket creation of a specific app and then use the Windows equivalent of the SO_BINDTODEVICE socket option (setsockopt()) to force the socket to be bound to the physical interface rather than the tap driver.
But, again, I cannot find the relevant APIs to make the above happen.
So I have a few questions:
(1) Is what I want to do possible within the given APIs of WFP (Windows Filtering Platform) or Windows APIs in general? If so, which APIs do you advise I look at?
(2) Or, must I write a "WFP call-out driver"? If so, would you be able to point me towards some resources for this, and possibly a good starting point for my particular problem? :)
(3) Is there anything else I might be missing? A simpler approach to achieve what I want? I know that it is possible in Windows, as I have seen the feature in some VPNs, but I would like to replicate it in my own personal VPN :)