If ufw isn’t already chilling on your system, let’s invite it over with:
$ sudo apt install ufw
We’re setting ufw to play the gatekeeper, denying all incoming and outgoing connections by default:
$ sudo ufw default deny incoming
$ sudo ufw default deny outgoing
We need to carve out a VIP path for our VPN traffic. Assuming you’re hanging out with tun0 (the usual suspect for VPN interfaces):
$ sudo ufw allow out on tun0 from any to any
Before we lock everything down, let’s not lock ourselves out of our VPN server: the client still has to reach it over the regular interface to bring the tunnel up. Replace x.x.x.x with your server’s actual IP:
$ sudo ufw allow out from any to x.x.x.x
Fire up ufw and let’s see it in action:
$ sudo ufw enable
Firewall is active and enabled on system startup
$ sudo ufw status
Status: active
To                         Action      From
--                         ------      ----
Anywhere                   ALLOW OUT   Anywhere on tun0
x.x.x.x                    ALLOW OUT   Anywhere
Anywhere (v6)              ALLOW OUT   Anywhere (v6) on tun0
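A quick way to check the result, as an added example that is not from the original post: this shell function reads `ufw status verbose` (which also prints the default policies) and flags any outbound allow rule that is neither on the VPN interface nor to the VPN server. The function name and the sample outputs, including the address 203.0.113.10, are constructed for illustration.

```shell
#!/bin/sh
# Added example (hypothetical helper, not part of ufw). audit_killswitch IFACE SERVER_IP
# reads `ufw status verbose` text on stdin, prints one FAIL line per deviation, returns 0 if clean.
audit_killswitch() {
    awk -v ifc="$1" -v srv="$2" '
        function bad(msg) { print "FAIL: " msg; failed = 1 }
        { sub(/[ \t\r]+$/, "") }                 # tolerate trailing whitespace
        /^Status:/  { status = $2 }
        /^Default:/ {
            defaults = 1
            if ($0 !~ /deny \(incoming\)/) bad("default incoming policy is not deny")
            if ($0 !~ /deny \(outgoing\)/) bad("default outgoing policy is not deny")
        }
        / ALLOW OUT / {
            # Only two kinds of outbound rule belong here: anything leaving
            # through the VPN interface, and traffic to the VPN server itself.
            if ($NF == ifc && $(NF-1) == "on") { via_tun = 1; next }
            if ($1 == srv)                     { to_srv = 1; next }
            bad("outbound rule bypasses the tunnel: " $0)
        }
        END {
            if (status != "active") bad("ufw is not active")
            if (!defaults) bad("no Default: line (use ufw status verbose)")
            if (!via_tun)  bad("no ALLOW OUT rule on " ifc)
            if (!to_srv)   bad("no ALLOW OUT rule to " srv)
            exit (failed ? 1 : 0)
        }'
}

# Constructed sample outputs (203.0.113.10 is a documentation address).
GOOD_STATUS='Status: active
Logging: on (low)
Default: deny (incoming), deny (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
Anywhere                   ALLOW OUT   Anywhere on tun0
203.0.113.10               ALLOW OUT   Anywhere
Anywhere (v6)              ALLOW OUT   Anywhere (v6) on tun0'

# Same rules plus a DNS exception and a permissive outgoing default.
LEAKY_STATUS=$(printf '%s\n' "$GOOD_STATUS" '53                         ALLOW OUT   Anywhere' |
    sed 's/deny (outgoing)/allow (outgoing)/')

# On a live system: sudo ufw status verbose | audit_killswitch tun0 x.x.x.x
printf '%s\n' "$GOOD_STATUS"  | audit_killswitch tun0 203.0.113.10 && echo "good: clean"
printf '%s\n' "$LEAKY_STATUS" | audit_killswitch tun0 203.0.113.10 || echo "leaky: flagged"
```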
And there you have it! A straightforward, yet effective way to keep your digital footprint under wraps, even when your VPN gets a bit wobbly. Stay safe and private, my friends!