Overriding routes on OpenVPN client, iproute2, iptables

Posted by sarvavijJana on Server Fault
Published on 2012-06-23T01:01:19Z Indexed on 2012/06/23 3:17 UTC

I am looking for some way to route packets based on their destination ports, switching between the regular internet connection and the established OpenVPN tunnel.

This is my configuration:

OpenVPN server (I have no control over it)

OpenVPN client running Ubuntu

wlan0 192.168.1.111 - internet-connected interface

Several routes are applied by the server on connection to OpenVPN:

/sbin/route add -net 207.126.92.3 netmask 255.255.255.255 gw 192.168.1.1
/sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 5.5.0.1
/sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 5.5.0.1

And I need to route packets according to their destination ports, for example:

80,443 into the VPN, everything else directly to the ISP connection via 192.168.1.1

What I have used during my attempts:

iptables -A OUTPUT -t mangle -p tcp -m multiport ! --dports 80,443  -j MARK --set-xmark 0x1/0xffffffff   # mark all TCP except 80/443
ip rule add fwmark 0x1 table 100                   # marked packets are looked up in table 100
ip route add default via 192.168.1.1 table 100     # table 100: straight to the LAN gateway

I was trying to apply these settings using the up/down options of the OpenVPN client configuration.

All my attempts resulted in successful packet delivery and response only via the VPN tunnel.

Packets routed bypassing the VPN:

I have used some SNAT to get the proper src address:

iptables -A POSTROUTING -t nat -o $IF -p tcp -m multiport --dports 80,443 -j SNAT --to $IF_IP

failed at the SYN-ACK, like 0 0,1 0,1:

"70","192.168.1.111","X.X.X.X","TCP","34314 > 81 [SYN] Seq=0 Win=5840 Len=0 MSS=1460   TSV=18664016 TSER=0 WS=7"
"71","X.X.X.X","192.168.1.111","TCP","81 > 34314 [SYN, ACK] Seq=0 Ack=1 Win=5792 Len=0   MSS=1428 TSV=531584430 TSER=18654692 WS=5"
"72","X.X.X.X","192.168.1.111","TCP","81 > 34314 [SYN, ACK] Seq=0 Ack=1 Win=5792 Len=0 MSS=1428 TSV=531584779 TSER=18654692 WS=5"
"73","192.168.1.111","X.X.X.X","TCP","34343 > 81 [SYN] Seq=0 Win=5840 Len=0 MSS=1460 TSV=18673732 TSER=0 WS=7"

I hope someone has already overcome such a situation or perhaps knows a better approach to fulfil the requirements.

Please kindly give me good advice or a working solution.

© Server Fault or respective owner
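An added example, not part of the original question and not a posted answer, of how the split described above can be done with an fwmark, a dedicated routing table and SNAT, in a form that can be wired into OpenVPN's up/down hooks. The interface, address, gateway, LAN prefix, table number and mark are the question's values or arbitrary placeholders and are assumptions to adjust. It goes beyond the question in two ways: it marks every protocol except TCP 80/443 (the question's rule only marked TCP), and it switches reverse-path filtering to loose mode, because replies for the bypassed connections arrive on wlan0 from addresses whose main-table route points into the tunnel, and strict rp_filter dropping them would produce exactly what the capture shows, a SYN-ACK retransmitted with no ACK going out. That cause is an inference from the capture, not something the question confirms; `sysctl -w net.ipv4.conf.all.log_martians=1` makes the kernel log such drops so it can be checked.

```shell
#!/bin/sh
# Added example (not from the original post): send TCP 80/443 through the
# OpenVPN tunnel (the server-pushed default via 5.5.0.1) and everything else
# directly via the LAN gateway, using an fwmark, a dedicated routing table and
# SNAT so the bypassed packets leave wlan0 with the wlan0 address.
#
# Assumptions (hypothetical values, edit to match the host): IF/IF_IP/GW/LAN
# describe the LAN side; TABLE and MARK are arbitrary unused identifiers.
# Usage (as root):  DRY_RUN=0 sh split-tunnel.sh up | DRY_RUN=0 sh split-tunnel.sh down
# With DRY_RUN=1 (the default) the commands are printed instead of executed.

IF=${IF:-wlan0}
IF_IP=${IF_IP:-192.168.1.111}
GW=${GW:-192.168.1.1}
LAN=${LAN:-192.168.1.0/24}
VPN_PORTS=${VPN_PORTS:-80,443}
TABLE=${TABLE:-100}
MARK=${MARK:-0x1}
DRY_RUN=${DRY_RUN:-1}

run() {
    if [ "$DRY_RUN" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

# Netfilter part. $1 is -A (install) or -D (remove); removal reverses the order.
firewall_rules() {
    if [ "$1" = "-A" ]; then
        # Locally generated traffic to the VPN ports keeps no mark and follows
        # the main table, i.e. the tunnel's two /1 routes.
        run iptables -t mangle -A OUTPUT -p tcp -m multiport --dports "$VPN_PORTS" -j RETURN
        # Everything else (TCP, UDP, ICMP) is marked and policy-routed to the LAN gateway.
        run iptables -t mangle -A OUTPUT -j MARK --set-mark "$MARK"
    else
        run iptables -t mangle -D OUTPUT -j MARK --set-mark "$MARK"
        run iptables -t mangle -D OUTPUT -p tcp -m multiport --dports "$VPN_PORTS" -j RETURN
    fi
    # The first route lookup happens before the mark is set and picks the tunnel
    # address as source; the re-route after OUTPUT keeps that source. Rewrite it
    # to the LAN address for marked packets leaving the LAN interface, keyed on
    # the mark instead of a second copy of the port list.
    run iptables -t nat "$1" POSTROUTING -o "$IF" -m mark --mark "$MARK" -j SNAT --to-source "$IF_IP"
}

bypass_up() {
    # Replies to bypassed connections arrive on $IF from addresses whose
    # main-table route points into the tunnel. Strict reverse-path filtering
    # (rp_filter=1) silently drops them; loose mode (2) accepts a packet as long
    # as any route to its source exists. Assumed cause of the retransmitted
    # SYN-ACKs; log_martians=1 would log such drops to the kernel log.
    run sysctl -q -w net.ipv4.conf.all.rp_filter=2
    run sysctl -q -w "net.ipv4.conf.$IF.rp_filter=2"
    # Dedicated table: the LAN stays on-link, everything else goes to the gateway.
    run ip route add "$LAN" dev "$IF" src "$IF_IP" table "$TABLE"
    run ip route add default via "$GW" dev "$IF" table "$TABLE"
    run ip rule add fwmark "$MARK" table "$TABLE"
    run ip route flush cache    # needed on pre-3.6 kernels, harmless on later ones
    firewall_rules -A
}

bypass_down() {
    firewall_rules -D
    run ip rule del fwmark "$MARK" table "$TABLE"
    run ip route flush table "$TABLE"
    run ip route flush cache
}

case "${1:-}" in
    up)   bypass_up ;;
    down) bypass_down ;;
esac
```

To hook it into the client configuration, `script-security 2` must be set and the action is passed as the script's own argument (OpenVPN appends its own arguments after it): `up "/etc/openvpn/split-tunnel.sh up"` and `down "/etc/openvpn/split-tunnel.sh down"`, with `setenv DRY_RUN 0` in the same configuration so the commands are executed rather than printed. The hook names, path and `setenv` usage are assumptions about how one would deploy it, not something the question describes.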
