Hi,
Done
Just to confirm, it is working when the vpn service is running?
Yes, with the current iptables rules, this is the expected result. As for blocking the resolv, remove these iptables rules:
-A OUTPUT -o eth0 -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 53 -j ACCEPT
@MarchHare edit: dilthedog has just pointed out that the suggestion of removing these iptables rules will prevent the VPN from coming up, as PIA uses a domain name rather than an IP address for the config.
I suggest changing the nameserver IP addresses in /etc/resolv.conf to PIA's:
209.222.18.222 and 209.222.18.218
This of course means openresolv and the additions to the VPN conf are no longer required.
sudo apt-get install iptables-persistent
sudo netfilter-persistent save
sudo systemctl enable netfilter-persistent
Thanks Tom.
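
Added example (not part of the original post): because the two port 53 rules on eth0 have to stay so the VPN hostname can resolve, the nameserver lines in /etc/resolv.conf decide where DNS queries go. This shell sketch lists nameservers other than the two PIA addresses given above and counts port 53 ACCEPT rules written in the form the post quotes; the function names and the sample input (192.168.1.1, tun0, port 1198) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# Resolver addresses named in the post.
PIA_DNS="209.222.18.222 209.222.18.218"

# Read resolv.conf-format text on stdin; print each nameserver not in PIA_DNS.
unexpected_nameservers() {
    awk -v allowed="$PIA_DNS" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 == "nameserver" && !($2 in ok) { print $2 }
    '
}

# Read iptables-save-format text on stdin; print how many OUTPUT rules allow
# port 53 out of eth0 with no destination restriction (the form in the post).
open_dns_rules() {
    grep -E -c -- '^-A OUTPUT -o eth0 -p (udp|tcp) .*--dport 53 -j ACCEPT$' || true
}

# Constructed sample input (not taken from a real host).
SAMPLE_RESOLV='# constructed sample
nameserver 192.168.1.1
nameserver 209.222.18.222
nameserver 209.222.18.218'

SAMPLE_RULES='-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 53 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1198 -j ACCEPT'

for ns in $(printf '%s\n' "$SAMPLE_RESOLV" | unexpected_nameservers); do
    echo "WARN: resolv.conf lists non-PIA nameserver $ns"
done
count=$(printf '%s\n' "$SAMPLE_RULES" | open_dns_rules)
echo "INFO: $count rule(s) allow DNS on eth0 to any destination"
```

On a real host, feed the functions live data instead of the samples, for example `unexpected_nameservers < /etc/resolv.conf` and `sudo iptables-save | open_dns_rules`.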