PBR setting to route WhatsApp and Discord via VPN

Hello

I have set up WireGuard multiple times and used pbr; however, I need help with the pbr configuration.

I would like all traffic to go via the WAN, while Discord and WhatsApp are routed directly via the VPN.

How do I have to set up pbr? I guess I have to use "Remote addresses / domains"; however, I can't set it.

With regard to WhatsApp, I found the addresses to be used here: https://developers.facebook.com/docs/whatsapp/guides/network-requirements/, but every address that includes a "*" returns an error:


How can this be fixed? Are there other URLs for WhatsApp to be used? And which addresses should I use for Discord?

Thank you :slight_smile:

For that you have to use ipset/nftset.
There is a paragraph about that in the pbr guide.

Thank you, may I ask you if this is the guide you refer to?

IPtables is quite new to me... are there other ways to achieve the same configuration?

Yes, that is the guide. You do not need iptables; just follow the guide.

Thank you, next weekend I will know what to do :)

I started looking into the matter, but I am chasing an initial problem that does not allow me to proceed.

I will need to test both WireGuard and Tailscale together. I have run the commands to allow PBR to support Tailscale; however, I get the error that the ipset table is longer than the 31 allowed chars.

I checked and this is the case (pbr_wan_4_src_net_cfg086ff5), but I am not clear why this is happening... am I doing something wrong? How can I ensure that the table is created within the allowed number of chars? Is this a limitation of the workaround used to support Tailscale, and should I do something manually?

```
root@Rasp3Test:~# ipset list
Name: pbr_wan_4_src_net_cfg086ff5
Type: hash:net
Revision: 7
Header: family inet hashsize 1024 maxelem 65536 comment bucketsize 12 initval 0x2ebaa860
Size in memory: 456
References: 0
Number of entries: 0
Members:
```