Problem about selectively using bridged interface and wireguard

Hi! everyone i have a problem i wrote down below so any help would be appreciated
I have bridged interface name "br-wan" and bridge members are ETH1 and ETH0,
also i have a WG0 wireguard tun interface
ETH0 -WAN(gateway
I created bridge called "br-wan" ETH0 and ETH1 are the members I made tihis because in default i want to my clients going to access internet via WAN gateway however I want to redirect some specific traffic (like source destination to WG0 .
In short i want to pass some traffic via wireguard but i tried @stangri's VPN POLICY ROUTING and VPNBYPASS it didn't work for our configurations.

I think i must use PHYSDEV module with combination of iptables according to some research.

i tried this and no luck

iptables -t mangle -A PREROUTING -m physdev --physdev-in eth1 -d -j MARK --set-mark 1
echo 201 mycustomtable >> /etc/iproute2/rt_tables
ip rule add fwmark 1 table mycustomtable
ip rule ls
/sbin/ip route add default via dev eth0 table mycustomtable

So what is my problem? what must i do ? How can i overcome this problem?

// Bridge firewalling enable

# Defaults are configured in /etc/sysctl.d/* and can be customized in this file
#net.ipv4.conf.wg0.rp_filter = 2
net.ipv4.conf.wg0.rp_filter = 2

net.ipv4.conf.default.rp_filter = 2
net.ipv4.conf.all.rp_filter = 2
net.ipv4.ip_forward = 1

My Firewall configuration

service firewall disable
service firewall stop

My network configuration

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr ''
        option netmask ''

config interface 'wan'
        option proto 'dhcp'
        option type 'bridge'
        option ifname 'eth0 eth1'

config interface 'wg0'
        option proto 'wireguard'
        option private_key 'SECRET'
        list addresses ''

config wireguard_wg0
        option public_key 'SECRET'
        option description 'alfa'
        option persistent_keepalive '25'
        option endpoint_port '50000'
        list allowed_ips ''
        option route_allowed_ips '1'
        option endpoint_host 'SECRETHOST'

Here is sources which are may be helpful