krll-k, 2015-01-30 17:45:09
linux

How to catch traffic (packets) coming from a specific application with a specific PID (Linux)?

There is an application that generates traffic and has its own PID. How do I filter traffic by PID?
In my case it is PID 18831 (wineserver).
How do I monitor all outgoing/incoming packets of this process?

1 answer(s)
Vadim Misbakh-Soloviev, 2015-01-30
@krll-k

I disagree with the previous speaker.
"A certain application will sit on a certain network port"
This is fundamentally not true. Even if we assume that the application is a daemon (provides some kind of service), it can simultaneously "listen" for packets on as many ports as desired.
I'll even skip the description of the technology itself and the fact that nobody "sits" on "ports"; in fact, "ports" are just identifiers indicating whom a packet should be handed to.
If the application is not a daemon, then for outgoing requests (and receiving the response) it uses completely random ports every time (for each request). (Well, with torrent clients there is a small caveat, which, however, still does not negate the applicability of the above to some of them.)
And answering the OP's question: you can mark packets by application. For example:
iptables -A OUTPUT -p TCP -m owner --pid-owner $PID -j <desired target, be it LOG, ULOG, MARK or whatever>
Which doesn't really work well on multi-core systems, though :'(
But you can still google a bit around "match packets by pid" and the tc/ipset/iptables toolkit.
// Or run that wine app as a separate user and use -m owner --uid-owner $userid. This works on multi-core systems too.
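The answer above points out that a non-daemon process uses a fresh ephemeral port for each outgoing request, so a filter by port is only ever a snapshot. As an added example (not code from the original answer or from the poster), the script below shows where that snapshot comes from on Linux: it reads the socket inodes of a PID from /proc/<pid>/fd, matches them against the inode column of /proc/net/{tcp,tcp6,udp,udp6}, and emits a tcpdump filter for the local ports found. The /proc table embedded in the script is constructed sample data; the function and variable names are my own. Re-run it (or use the iptables owner match from the answer) if the process keeps opening new connections.

```python
#!/usr/bin/env python3
"""Added example: find the local ports of one PID's sockets via /proc and
build a tcpdump/BPF filter from them.  Reading /proc/<pid>/fd of another
user's process requires root (or CAP_SYS_PTRACE)."""
import os
import re
import sys
from typing import Dict, Iterable, List, Set

PROC_TABLES = ("tcp", "tcp6", "udp", "udp6")
_SOCKET_RE = re.compile(r"^socket:\[(\d+)\]$")

# Constructed sample in the format of /proc/net/tcp (not captured from a real host):
# row 0: a listener on 127.0.0.1:3306 (0x0CEA), inode 12345
# row 1: an established client socket from port 54694 (0xD5A6), inode 67890
# row 2: a TIME_WAIT entry; inode 0 means no process owns it any more
SAMPLE_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 12345 1 0000000000000000 100 0 0 10 0
   1: 0100007F:D5A6 0100007F:0CEA 01 00000000:00000000 00:00000000 00000000  1000        0 67890 1 0000000000000000 20 4 30 10 -1
   2: 0100007F:D5A7 0100007F:0CEA 06 00000000:00000000 03:00000A3F 00000000     0        0 0 3 0000000000000000
"""


def socket_inodes(pid: int, proc: str = "/proc") -> Set[int]:
    """Inodes of all sockets the process holds open (symlinks 'socket:[N]')."""
    inodes: Set[int] = set()
    fd_dir = os.path.join(proc, str(pid), "fd")
    for name in os.listdir(fd_dir):
        try:
            target = os.readlink(os.path.join(fd_dir, name))
        except OSError:
            continue  # fd closed between listdir() and readlink()
        m = _SOCKET_RE.match(target)
        if m:
            inodes.add(int(m.group(1)))
    return inodes


def parse_proc_net(text: str) -> Dict[int, int]:
    """Parse a /proc/net/{tcp,udp}* table into {inode: local_port}.
    Column 1 is 'HEXADDR:HEXPORT', column 9 is the inode; inode 0 rows
    (TIME_WAIT, orphans) belong to no process and are skipped."""
    result: Dict[int, int] = {}
    for line in text.splitlines()[1:]:  # first line is the header
        fields = line.split()
        if len(fields) < 10:
            continue
        port = int(fields[1].rsplit(":", 1)[1], 16)
        inode = int(fields[9])
        if inode:
            result[inode] = port
    return result


def match_ports(inodes: Iterable[int], tables: Dict[str, str]) -> List[int]:
    """Local ports whose socket inode is in `inodes`, across the given table texts."""
    wanted = set(inodes)
    ports: Set[int] = set()
    for text in tables.values():
        for inode, port in parse_proc_net(text).items():
            if inode in wanted and port != 0:  # port 0: not yet bound
                ports.add(port)
    return sorted(ports)


def ports_for_pid(pid: int, proc: str = "/proc") -> List[int]:
    """Snapshot of the local ports currently used by `pid`."""
    tables: Dict[str, str] = {}
    for name in PROC_TABLES:
        try:
            with open(os.path.join(proc, "net", name)) as fh:
                tables[name] = fh.read()
        except FileNotFoundError:
            continue  # e.g. IPv6 disabled on this host
    return match_ports(socket_inodes(pid, proc), tables)


def bpf_filter(ports: List[int]) -> str:
    """Filter expression for 'tcpdump -i any <expr>'; empty when no ports found."""
    return " or ".join(f"port {p}" for p in ports)


if __name__ == "__main__":
    pid = int(sys.argv[1]) if len(sys.argv) > 1 else os.getpid()
    expr = bpf_filter(ports_for_pid(pid))
    print(expr if expr else f"PID {pid} has no bound sockets right now", file=sys.stderr if not expr else sys.stdout)
```

Usage: `sudo tcpdump -i any "$(python3 pidports.py 18831)"`. Because the filter is built from ports that exist at the moment the script runs, it will miss connections the process opens later; that is exactly why the answer recommends running the application as its own user and matching with `-m owner --uid-owner` instead.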
