I was too busy losing sanity running wireshark to find all the subnets one stupid game accesses and manually adding them to VPN routing, while avoiding the main server address. Knowing jackshit about how routing on Linux works in general didn't help.