Hi,
I can confirm the VPN kill switch from these instructions works:
I would clear all the iptables rules and just look at the section for the vpn kill switch, you will need to change eth0 for the network interface on the pi and also change the the network (192.168.1.0/24) on line 3 to match your lan’s network. So for example these are the rules on my debian vm:
sudo iptables -A OUTPUT -o tun0 -m comment --comment "vpn" -j ACCEPT
sudo iptables -A OUTPUT -o ens3 -p icmp -m comment --comment "icmp" -j ACCEPT
sudo iptables -A OUTPUT -d 192.168.1.0/24 -o ens3 -m comment --comment "lan" -j ACCEPT
sudo iptables -A OUTPUT -o ens3 -p udp -m udp --dport 1198 -m comment --comment "openvpn" -j ACCEPT
sudo iptables -A OUTPUT -o ens3 -p tcp -m tcp --sport 22 -m comment --comment "ssh" -j ACCEPT
sudo iptables -A OUTPUT -o ens3 -p udp -m udp --dport 123 -m comment --comment "ntp" -j ACCEPT
sudo iptables -A OUTPUT -o ens3 -p udp -m udp --dport 53 -m comment --comment "dns" -j ACCEPT
sudo iptables -A OUTPUT -o ens3 -p tcp -m tcp --dport 53 -m comment --comment "dns" -j ACCEPT
sudo iptables -A OUTPUT -o ens3 -j DROP
"Then, create a script to load those rule when your computer boots up.
#! /bin/bash
iptables-restore < /etc/iptables/iptables.rules;
ip6tables-restore < /etc/iptables/ip6tables.rules;"
Remove these scripts and just run:
sudo netfilter-persistent save
sudo systemctl enable netfilter-persistent
At this point I would reboot and then confirm the iptables are in place:
sudo iptables -S
If transmission still won’t start it, try running manually:
/usr/bin/transmission-daemon -f
and post the output here.
Thanks Tom.