Thanks! Unfortunately my VPN is OpenVPN and doesn't support Wireguard yet :(

Cool! And you can easily control the mini router from your devices so that it connects to the hotel WiFi or whatever network you want?

Interesting! I'm new to this, this is really valuable! What made you choose this approach?

Understood, yes it's a kill switch. I'll test your set of rules in a bit and let you know!

Except that that set of rules doesn't work, or do you mean defining a default gateway?

Interesting, but by the time I apply the rules the VPN connection has already been established. Wouldn't that remove the necessity for the last line?

I guess what I'm really trying to do is make sure that whatever happens, if the vpn fails (tun0), there is no more communication with the Internet.

Hmm, but wouldn't that allow applications to communicate on wlan0 without using the vpn?

Thanks for your help and excuse my ignorance.

I see, but then how would I disable everything else? Should I not use the default rules?

It does, but later I have the rules to counteract those, for the VPN specifically: sudo ufw allow in on tun0 sudo ufw allow out on tun0

So that would open that up again, or am I wrong?

That makes sense, but it's possible that the VPN connection drops for a second, and then it can't re-establish it, right? How would I deal with that?

I always find this kind of silly. You were born and raised in the USA, so you're American, whether you like it or not. There's people saying they're Irish American despite 3 generations having passed, so when does it end? Am I Dutch-Norwegian because my great grandmother was Norwegian and came to The Netherlands?

No, I'm Dutch, I was born and raised here without influence of the Norwegian culture.