It has routes for and allows 0.0.0.0/0 - the problem is that I want it to use a certain WireGuard interface for that traffic and not my default route for 0.0.0.0/0 = wan.
I have forbid it to use wan through firewall - but how can I force it to use another gateway than the default = the one with lowest metric ?
I assume the traffic on the other side of the Wireguard you're referring to are specific subnet or subnets (otherwise I'm not sure how you determine different traffic both on the Internet, a.k.a. 0.0.0.0/0), for example: 192.168.xxx.0/24. So, you'd just make a more-specific route for that traffic to use the WG interface: