How to tell an instance of Firefox to use eth0 instead of tun0 while OpenVPN is running and connected to a VPN server?

3

Sometimes I need to connect to websites without passing through the VPN. Is it possible to open an instance of Firefox and tell it to use the plain eth0 interface instead of tun0?

ChiseledAbs

Posted 2016-07-17T11:00:07.523

Reputation: 715

Answers

0

I did something similar with iptables a while back. The main difference between your goal and my project was that I was attempting to redirect all traffic incoming from the network to tun0. No changes to Firefox required. The gist of it is this:

  1. A custom entry in rt_tables is created to handle certain packets
  2. All packets destined for port 80 or a specific IP are given a mark
  3. All packets matching the mark in step 2 get passed to the rt_table specified in step 1.
  4. The packets in the new rt_tables need to have a different gateway than the rest - the IP of eth0

I found some old code of mine that should work for you either as it is, or with minor modifications. This is a slightly modified set of the code that I used to run on my gateway:

# Create the new custom router table
echo 201 CustomRouter >> /etc/iproute2/rt_tables

# Mark the desired packets for special treatment
iptables -t mangle -A PREROUTING -d 123.123.123.123 -j MARK --set-mark 2
iptables -t mangle -A OUTPUT -d 123.123.123.123 -j MARK --set-mark 2

# Assign marked packets to CustomRouter
ip rule add fwmark 2 table CustomRouter

# Set the gateway
ip route add default via 192.168.0.123 dev eth0 table CustomRouter

The above presumes that 123.123.123.123 is the IP of the website you want via eth0, and 192.168.0.123 is the IP of eth0. Modify the two lines with that IP to match whatever you want, be it everything on port 80, or just one specific IP. The 123.123.123.123 is just a bogus IP I used for testing this.

Note that the line that creates CustomRouter in rt_tables doesn't have to be executed every time. The Perl script from which I extracted this has a check to see if it's already there, so I believe it may only have to be done once, or possibly once every boot.

Jarmund

Posted 2016-07-17T11:00:07.523

Reputation: 5 155
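The four steps in the answer above as a re-runnable script, added here as an example and not part of the original answer. It marks only locally generated traffic (the OUTPUT chain, which is what a browser on the same machine produces) and adds two things such traffic needs: source NAT on the way out of eth0 and a loose reverse-path filter. Assumptions: 203.0.113.10 is a constructed documentation address standing in for the website, 192.168.0.1 is an assumed LAN router address, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: idempotent form of the rt_tables / fwmark / ip rule procedure.
# Table id, table name and mark value follow the answer; addresses are constructed.
RT_TABLES=${RT_TABLES:-/etc/iproute2/rt_tables}
TABLE_ID=201 TABLE_NAME=CustomRouter MARK=2
DRY_RUN=${DRY_RUN-1}   # non-empty: only print the commands; empty: execute (root)

run() { if [ -n "$DRY_RUN" ]; then echo "$*"; else "$@"; fi; }

# Step 1: register the table name once, however often the script is run.
register_table() {
    grep -qE "^$TABLE_ID[[:space:]]+$TABLE_NAME\$" "$RT_TABLES" 2>/dev/null ||
        echo "$TABLE_ID $TABLE_NAME" >> "$RT_TABLES"
}

# Append an iptables rule only if an identical one is not already present.
add_rule() {   # add_rule TABLE CHAIN rule-spec...
    t=$1 c=$2; shift 2
    if [ -n "$DRY_RUN" ]; then echo "iptables -t $t -A $c $*"; return; fi
    iptables -t "$t" -C "$c" "$@" 2>/dev/null || iptables -t "$t" -A "$c" "$@"
}

setup_bypass() {   # setup_bypass DEST GATEWAY DEV
    dest=$1 gw=$2 dev=$3
    run register_table
    # Step 2: mark locally generated packets for the destination.
    add_rule mangle OUTPUT -d "$dest" -j MARK --set-mark "$MARK"
    # Step 3: marked packets consult the custom table (drop a stale rule first).
    [ -n "$DRY_RUN" ] || ip rule del fwmark "$MARK" table "$TABLE_NAME" 2>/dev/null || true
    run ip rule add fwmark "$MARK" table "$TABLE_NAME"
    # Step 4: the custom table's default route leaves through DEV.
    run ip route replace default via "$gw" dev "$dev" table "$TABLE_NAME"
    # The source address was chosen for tun0 before the mark rerouted the
    # packet, so rewrite it to DEV's address on the way out.
    add_rule nat POSTROUTING -o "$dev" -m mark --mark "$MARK" -j MASQUERADE
    # Replies arrive on DEV while the main table points at tun0; strict
    # reverse-path filtering would drop them, so use loose mode on DEV.
    run sysctl -w "net.ipv4.conf.$dev.rp_filter=2"
}

# With no arguments this prints the plan for the constructed sample values.
setup_bypass "${1:-203.0.113.10}" "${2:-192.168.0.1}" "${3:-eth0}"
```

To apply instead of print, run it as root with `DRY_RUN=` set to empty and the real destination, gateway and device as arguments. Afterwards `ip route get 203.0.113.10 mark 2` should report `dev eth0`.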

0

You can add routes for any websites you want to pass via eth0 like this:

ip route add websiteIP via gatewayIP dev eth0

Here, you add the IP address of the website you want to visit at websiteIP, and add your normal gateway IP at gatewayIP.

Tero Kilkanen

Posted 2016-07-17T11:00:07.523

Reputation: 1 405

What is gateway IP? – ChiseledAbs – 2016-07-17T14:08:37.093

It is the IP address of your normal router. You can see it with the ip route show command as the default gateway when you are not connected to VPN. – Tero Kilkanen – 2016-07-17T20:51:27.443

0

Network rules with ip route and iptables cannot use the program name as a criterion.

If you need to route traffic to the other interface only for Firefox and not for any request to port 80, you could use network namespaces on the newest kernels. They limit which system resources are available for a process ("ip netns").

Here is an introduction with a similar example:

http://www.dasblinkenlichten.com/an-introduction-to-network-namespaces/

Alain Tésio

Posted 2016-07-17T11:00:07.523

Reputation: 171