by bjoli 1357 days ago
Under Linux you can run transmission as another user and have an iptables rule to only allow outbound traffic through a specific interface.
3 comments

You don't even need the extra user: use a network namespace.

- ip netns add vpnonly # create an empty namespace

- ip netns exec vpnonly wg quick ... # connect to your VPN

Later, launch transmission inside this namespace:

- ip netns exec vpnonly transmission

This has the nice property that as long as you do that exec step right (or even half right), the failure mode is no connectivity rather than accidentally sending traffic in the clear.
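
The namespace setup from the comment above, as an added example that is not part of the thread: the WireGuard device is created in the initial namespace and then moved into the empty one, and a check confirms the namespace holds no interface other than lo and the tunnel. The interface name wg0, the config path and the tunnel address are assumptions; the script only prints the commands unless APPLY=1 is set.

```shell
#!/bin/sh
# Added example, not from the thread. NS, WG_IF, WG_CONF and WG_ADDR are
# assumed values. Commands are only printed unless APPLY=1 (needs root).
set -e
NS=${NS:-vpnonly}
WG_IF=${WG_IF:-wg0}
WG_CONF=${WG_CONF:-/etc/wireguard/wg0.conf}  # wg(8) format, assumed path
WG_ADDR=${WG_ADDR:-10.0.0.2/32}              # constructed tunnel address

run() { if [ "${APPLY:-0}" = 1 ]; then "$@"; else printf '%s\n' "$*"; fi; }

setup_vpn_netns() {
    run ip netns add "$NS"
    # Create the device in the init namespace, where its encrypted UDP
    # socket stays, then move it into the otherwise empty namespace.
    run ip link add "$WG_IF" type wireguard
    run ip link set "$WG_IF" netns "$NS"
    run ip netns exec "$NS" wg setconf "$WG_IF" "$WG_CONF"
    run ip -n "$NS" addr add "$WG_ADDR" dev "$WG_IF"
    run ip -n "$NS" link set lo up
    run ip -n "$NS" link set "$WG_IF" up
    run ip -n "$NS" route add default dev "$WG_IF"
}

# Reads `ip -o link show` output on stdin. Succeeds only when every
# interface is lo or the WireGuard device; prints any other name found.
only_vpn_links() {
    awk -F': ' -v wg="$WG_IF" '
        { split($2, n, "@")
          if (n[1] != "lo" && n[1] != wg) { bad = 1; print n[1] } }
        END { exit bad + 0 }'
}

if [ "${1:-}" = check ]; then
    ip -n "$NS" -o link show | only_vpn_links && echo "$NS: VPN-only"
else
    setup_vpn_netns
fi
```

Running the script with the argument `check` after setup fails if anything such as a veth or bridged interface has been added to the namespace, which is the one way cleartext traffic could leave it.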

Or just uidrange-based policy for a separate routing table that just routes to the VPN. Just one thing to set up.
Or as your user in a cgroup, probably.