I've created a VLAN with ID 10, and it has an IP address range of 192.168.101.0/24.
I've also created a WireGuard interface (as a client; it is connected to a server in another country).
How do I make VLAN clients access the internet through the WireGuard interface and not through the WAN interface?
For now I created a firewall zone for the VLAN and named it "privateZone",
and a firewall zone for the WireGuard interface called "wgZone".
WireGuard uses peers; there is no "server" or "client" in the standard sense. You can:
use PBR; or
make IP Routes and IP Rules
Using IP Routes and IP Rules:
config route
	option target '0.0.0.0'
	option netmask '0.0.0.0'
	option table '1' #<---number used, or add name to a file, see Wiki
	option interface 'wg'

config rule
	option src '192.168.101.0/24'
	option dest '0.0.0.0/0'
	option priority '1' #<---IP Rule No - not same as table
	option lookup '1' #<--- table No
Worked like a charm. I added the lines to /etc/config/network and it worked. The zones need to be defined properly, as you mentioned, in order for it to work as well. Thank you so much for the help!
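Added example, not part of the original thread: a small Python model of how the rule and table from the answer select the egress interface, and of why the zone forwardings matter once the wg interface is down and its table-1 route is gone. The device names "vlan10" and "wan", the "lan"/"wan" zones and the client addresses are assumptions; table 1, priority 1, "wg", "privateZone" and "wgZone" come from the thread.

```python
import ipaddress

# Constructed model. From the thread: table 1, rule priority 1, interface "wg",
# 192.168.101.0/24, privateZone, wgZone. Assumed: devices "vlan10" and "wan",
# zones "lan"/"wan", and the client addresses used below.
VLAN_NET = ipaddress.ip_network("192.168.101.0/24")
RULES = [(1, VLAN_NET, "1"),                                  # the config rule
         (32766, ipaddress.ip_network("0.0.0.0/0"), "main")]  # kernel default

def tables(wg_up):
    """The table-1 default route exists only while the wg interface is up."""
    return {
        "1": [("0.0.0.0/0", "wg")] if wg_up else [],
        "main": [("192.168.101.0/24", "vlan10"), ("0.0.0.0/0", "wan")],
    }

def egress(src, dst, wg_up):
    """Walk rules by priority; the first table holding a matching route wins."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for _prio, selector, table in sorted(RULES, key=lambda r: r[0]):
        if s not in selector:
            continue
        hits = [(ipaddress.ip_network(net), dev)
                for net, dev in tables(wg_up)[table]
                if d in ipaddress.ip_network(net)]
        if hits:  # longest prefix wins inside one table
            return max(hits, key=lambda h: h[0].prefixlen)[1]
    return None  # no route in any table

ZONE_OF = {"vlan10": "privateZone", "wg": "wgZone", "wan": "wan"}
STRICT = {("privateZone", "wgZone"), ("lan", "wan")}  # no privateZone -> wan
LEAKY = STRICT | {("privateZone", "wan")}

def forwarded(src, dst, wg_up, forwardings):
    """Egress device if a zone forwarding permits the packet, else None."""
    dev = egress(src, dst, wg_up)
    in_zone = "privateZone" if ipaddress.ip_address(src) in VLAN_NET else "lan"
    return dev if dev and (in_zone, ZONE_OF[dev]) in forwardings else None

if __name__ == "__main__":
    for wg_up in (True, False):
        for name, fw in (("strict", STRICT), ("leaky", LEAKY)):
            out = forwarded("192.168.101.50", "1.1.1.1", wg_up, fw)
            print(f"wg_up={wg_up} {name}: VLAN client exits via {out}")
```

With only a privateZone to wgZone forwarding, VLAN traffic is dropped rather than sent out the WAN when table 1 is empty; adding a privateZone to wan forwarding turns that fall-through into a leak.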