DD-WRT:Policy Based Routing

Introduction
Traditional routing chooses the outgoing interface from a packet's destination address, using a routing table that records which networks are reachable through which interfaces. Policy Based Routing is an advanced concept that routes packets based on other criteria, such as the source address or TCP port. It does this by creating multiple routing tables, plus rules that specify which routing table to use when certain criteria are met. Source based policy routing is fairly easy to configure and doesn't require much thought, but other forms of policy routing require much more thought to ensure that they function.

Source Based Routing
Source based routing only requires a few commands:

ip rule add from [source IP]/[netmask] table 200
ip route add default via [gateway] dev [interface] table 200
ip route flush cache

The [source IP] should be the IP of the machine that you want to be routed differently, optionally with a [netmask] to specify a block of source addresses to route differently. The [gateway] should be the IP of the next router to send traffic to, such as your VPN server or the gateway IP of your ISP. The [interface] should be whichever interface the traffic needs to be sent out of to reach the alternative gateway, such as tun0 for a VPN.

Example:

ip rule add from 192.168.1.128/28 table 200
ip route add default via 10.0.0.1 dev ppp0 table 200
ip route flush cache
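The /28 in the example selects only the sixteen source addresses 192.168.1.128 to 192.168.1.143; every other LAN host keeps using the main routing table and its default gateway. The shell functions below are an added example, not part of the original wiki page, that check which table a given source address is sent to. The function names and the tested host addresses are hypothetical, and 64-bit shell arithmetic is assumed.

```shell
#!/bin/sh
# Added example, not from the DD-WRT wiki. Host addresses in the loop are constructed.
# Assumption: the shell evaluates $(( )) with 64-bit integers.

# ip4_to_int A.B.C.D: print the address as an integer; fail on malformed input.
ip4_to_int() {
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*|????*) return 1 ;; esac  # no leading zeros, max 3 digits
        [ "$octet" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# rule_matches IP NET[/PREFIX]: exit 0 if "ip rule add from NET/PREFIX" selects IP,
# 1 if it does not, 2 if either argument is malformed.
rule_matches() {
    net=${2%/*}; bits=32
    case "$2" in */*) bits=${2#*/} ;; esac
    case "$bits" in ''|*[!0-9]*|???*|0?*) return 2 ;; esac
    [ "$bits" -le 32 ] || return 2
    addr=$(ip4_to_int "$1") || return 2
    base=$(ip4_to_int "$net") || return 2
    mask=$(( (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))
    [ $(( addr & mask )) -eq $(( base & mask )) ]
}

# table_for IP NET/PREFIX: print 200 (the table used on this page) when the rule
# selects IP, "main" when it does not; return 2 on malformed input.
table_for() {
    rc=0; rule_matches "$1" "$2" || rc=$?
    case $rc in 0) echo 200 ;; 1) echo main ;; *) return 2 ;; esac
}

# Hosts just outside and just inside the /28 from the page's example.
for host in 192.168.1.127 192.168.1.128 192.168.1.143 192.168.1.144; do
    echo "$host -> table $(table_for "$host" 192.168.1.128/28)"
done
```

On the router itself, `ip rule show` and `ip route show table 200` list the rule and route that are actually installed.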

With OpenVPN
Your routing commands need to go in the route-up script. See the OpenVPN guide for examples of how to configure route-up scripts.

With PPTP
Your routing commands need to go in the /tmp/pptpd_client/ip-up script, or maybe .ipup as per Script Execution (needs testing).

With A Physical Interface
Your routing commands can go in the firewall script on the Administration->Commands page.