There are some guides available online on how to do this, but they don’t really offer what I need.
Also, they seem very complicated and I wonder if there’s not an easier solution.
Basically, I want to block all incoming and all outgoing traffic except outgoing VPN traffic on the tun0 interface.
The only traffic allowed outside of tun0 should be the initial connection to the VPN server (to be more specific, the ip address of the VPN server should be whitelisted so I can establish the VPN connection).
I once used to do this via iptables / ufw using the following commands:
ufw default deny outgoing ufw default deny incoming ufw allow out on tun0 from any to any ufw allow out from any to 18.104.22.168
(22.214.171.124 is just an example for the ip address of the VPN server).
Can someone please tell me how I can get the same effect with firewalld or firewall-config?