4G Failover without MWAN3

I've been using mwan3 successfully, only it seems to hook/break everything and I'm not knowledgeable enough to go manually looking at / editing iptables to fix the issues I'm encountering.

Problems:

  • It doesn't work with Policy-Based Routing, which makes sense as they're kinda the same thing (so I can't selectively route clients over VPN now; I've tried with MWAN3 and devices seemingly don't get packets back from the router with OpenVPN, or so I've read; pages don't load).

  • banIP no longer functions (I'm using it for DoH blocking / forcing local DNS).

  • QoS-over-nftables no longer works for upload caps, only download (likely because mwan3 is hooking). I do this for the few smart devices that require internet to function, so if they get hacked they can't be used for DDoS / are useless to the attacker with isolation.

Attempted solutions:

  • Installing iptables-nft before mwan3, so it now uses this instead of iptables-zz-legacy (doesn't help).

  • Doing PBR for VPN using mwan3 but devices can't load anything.

Considerations:

Trying something like this https://github.com/GTANAdam/openwrt-wan-failover-script?tab=readme-ov-file#readme; however, this will probably require manually re-setting it up with each sysupgrade as it uses crontab and some custom files (not ideal).

Any suggestions are welcome. I've scoured the web for info, and while I can see others have had the same issue, it doesn't make any sense to me (I think some hackery is required to get this working with mwan3; a different solution is preferred).

Thanks!
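For reference, here is the shape a cron-driven failover script takes when it avoids mwan3 entirely and only touches the routing table, so the firewall, banIP and nftables QoS rules are left alone. This is an added example, not the poster's setup and not the script linked above. Interface names, gateway addresses, probe hosts and file paths are all assumptions (documentation addresses from 192.0.2.0/24 and 198.51.100.0/24) and must be replaced with your own. It assumes BusyBox sh, `ip` from ip-full or busybox, and `ping -c/-W`, as found on OpenWrt.

```shell
#!/bin/sh
# Added example: primary-WAN health probe with failover to a 4G interface.
# All names below are assumptions, not taken from the post or any project.
PRIMARY_IF="${PRIMARY_IF:-eth0.2}"          # assumed wired WAN interface
PRIMARY_GW="${PRIMARY_GW:-192.0.2.1}"       # assumed wired WAN gateway
BACKUP_IF="${BACKUP_IF:-wwan0}"             # assumed 4G interface
BACKUP_GW="${BACKUP_GW:-198.51.100.1}"      # assumed 4G gateway
PROBE_HOSTS="${PROBE_HOSTS:-1.1.1.1 9.9.9.9}"  # any reachable anycast IPs
FAIL_LIMIT=3                                # consecutive failed runs before failover
STATE_FILE="${STATE_FILE:-/tmp/wan_failover.state}"

# Pin /32 routes to the probe hosts via the primary gateway, so probes keep
# going out the primary link even while the default route points at 4G.
pin_probe_routes() {
    for h in $PROBE_HOSTS; do
        ip route replace "$h/32" via "$PRIMARY_GW" dev "$PRIMARY_IF"
    done
}

# probe_primary: returns 0 if any probe host answers, 1 otherwise.
probe_primary() {
    for h in $PROBE_HOSTS; do
        ping -c 1 -W 2 "$h" >/dev/null 2>&1 && return 0
    done
    return 1
}

# next_state: pure decision logic, so it can be tested without a network.
# args: current_state (primary|backup)  consecutive_failures  probe_result (0=ok, 1=fail)
# prints: "<new_state> <new_failure_count>"
# One good probe restores the primary immediately; FAIL_LIMIT bad probes in a row
# move to backup. Short outages below the limit never flap the route.
next_state() {
    state=$1; fails=$2; probe=$3
    if [ "$probe" -eq 0 ]; then
        echo "primary 0"
        return
    fi
    fails=$((fails + 1))
    if [ "$fails" -ge "$FAIL_LIMIT" ]; then
        echo "backup $fails"
    else
        echo "$state $fails"
    fi
}

# apply_state: keep both default routes and only swap which one has the lower
# metric. Nothing else (zones, NAT, QoS) changes, so existing rules keep applying.
apply_state() {
    case $1 in
        backup)
            ip route replace default via "$BACKUP_GW"  dev "$BACKUP_IF"  metric 10
            ip route replace default via "$PRIMARY_GW" dev "$PRIMARY_IF" metric 20
            ;;
        primary)
            ip route replace default via "$PRIMARY_GW" dev "$PRIMARY_IF" metric 10
            ip route replace default via "$BACKUP_GW"  dev "$BACKUP_IF"  metric 20
            ;;
    esac
    logger -t wan-failover "default route now via $1"
}

# main: one cron run. Reads the last state, probes, decides, applies on change.
main() {
    if [ -r "$STATE_FILE" ]; then
        read -r state fails < "$STATE_FILE"
    else
        state=primary; fails=0
    fi
    pin_probe_routes
    if probe_primary; then probe=0; else probe=1; fi
    set -- $(next_state "$state" "$fails" "$probe")
    new_state=$1; new_fails=$2
    echo "$new_state $new_fails" > "$STATE_FILE"
    [ "$new_state" != "$state" ] && apply_state "$new_state"
    return 0
}

# Only act when invoked as "wan-failover.sh run" (e.g. from cron every minute:
#   * * * * * /root/wan-failover.sh run
# in /etc/crontabs/root); sourcing the file just defines the functions.
case "${1:-}" in run) main ;; esac
```

Two notes on the approach. netifd may re-add an interface's default route when that interface bounces, so the metric swap can be undone by an event; re-applying the current state on every run (not only on change) is the simple fix, and giving the 4G interface a higher `option metric` in /etc/config/network keeps the normal-operation ordering correct from boot. Keeping the script and its cron entry across sysupgrade only needs their paths listed in /etc/sysupgrade.conf (assumed paths here: /root/wan-failover.sh and /etc/crontabs/root). From the isolation point of view, the 4G interface belongs in the same `wan` firewall zone as the wired WAN, so the DNS-forcing, banIP and smart-device egress limits apply identically whichever link carries the default route.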