PBR seems to default to route all traffic to WAN instead of WG

I have a wg interface which routes all traffic via it when pbr is disabled. When pbr is enabled (no policies) traffic defaults to the wan interface. I expected pbr to do the opposite: route all traffic via wg unless policies state otherwise.

I want all traffic to default to the wg interface with the exception of 1 machine which should be routed outside the tunnel/via wan. Whether this is achieved with pbr or other tools is irrelevant. How can I achieve this?

I have set the wg peer to route allowed IPs (0.0.0.0/0) and it does default to it when pbr is disabled.

Let me know if I can provide logs/configs for troubleshooting. I use LuCI but do have access to ssh if needed.

PBR does not change the existing default route of the main table.

Are you sure the default route is via the WG tunnel if PBR is disabled?

Occasionally people forget to enable Route Allowed IPs on the WG Peer, and if that is not enabled there is no default route via the WG tunnel.

For a proper setup of a WireGuard client see my notes:

You need the WireGuard Client setup guide; make sure to download it, as GitHub only shows the first 5 pages.

Or you can hit:
[Screenshot: OpenWRT-egc-add-on_notes_OpenWRT WireGuard Server Setup guide using LuCi 4.pdf at main · egc112_OpenWRT-egc-add-on · GitHub]