an example of running an application in a non-default FIB (routing table),
to route all the application's network traffic via a Wireguard VPN.

what we want to do:

1. create 2 (or more) fibs.
2. put the Wireguard interface in fib 1.
3. add a default route in fib 1 via the Wireguard interface.
4. put the application in fib 1.

in practice:

/etc/sysctl.conf:

	# create two routing tables
	net.fibs=2

	# create routes for local IP addresses in all fibs
	# (optional, but usually easier if you aren't doing
	#  something complicated)
	net.add_addr_allfibs=1

/etc/rc.conf:

	# create the VPN interface and put it in fib 1
	cloned_interfaces="wg.vpn"
	ifconfig_wg_vpn="inet 1.2.3.4/32 fib 1"

	# add a default route in fib 1 via the vpn
	static_routes="vpn"
	route_vpn="0.0.0.0/0 -interface wg.vpn -fib 1"

	# start the application in fib 1
	sockd_enable=YES
	sockd_fib=1

to test that fib 1 works correctly:

	% setfib 1 ping www.freebsd.org
	% setfib 1 fetch -qo- https://myip.bsd.cafe/