# Policy-based Routing based on user



## iamGavinJ (Oct 4, 2016)

Hi,

Is it possible to tag and route packets based on the originating user?

I was attempting to replicate the Linux iptables tagging and routing like:
`iptables -t mangle -A OUTPUT ! --dest $LOCALIP -m owner --uid-owner $VPNUSER -j MARK --set-mark 0x1`
`ip rule add from all fwmark 0x1 lookup $VPNUSER`
`ip route replace default via $GATEWAYIP table $VPNUSER`

Thanks.


----------



## kpa (Oct 4, 2016)

You can't do policy routing on traffic that originates on the host itself because of certain limitations on the integration of routing and packet filter hooks in the kernel. The best you can do is use multiple FIBs (setfib(1)).


----------

