I am trying to set up a kill switch using iptables, because my VPN client doesn't do so. I liked the approach of allowing packets based on group id described here: https://weekly-geekly.github.io/articles/274445/index.html
iptables -A OUTPUT -m owner --gid-owner killswitch -j ACCEPT
When I try to run the openvpn command under this gid
sg killswitch -c 'sudo openvpn --config vpn_tcp.ovpn'
openvpn cannot connect to the VPN server; it seems like iptables doesn't allow packets through. After googling I found out that only the main gid of the user is checked by iptables. I am not sure if it is relevant. Could someone help?
P.S. I know that I can also configure iptables simply by allowing specific ports used by openvpn, but I like the group approach better.
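
Added example, not part of the original post: a diagnostic that reads the GID a running process actually carries and compares it with the group named in the `--gid-owner` rule. The function names, the `--live` switch, and the sample data are constructed for illustration; it assumes the group is listed in /etc/group and that `pgrep` is available.

```shell
#!/bin/sh
# Added example: which GID does a running process present to the owner match?

# Print the filesystem GID from /proc/<pid>/status-formatted text on stdin.
# The "Gid:" line holds four values: real, effective, saved, filesystem
# (effective and filesystem GID are normally identical).
status_fsgid() {
    awk '$1 == "Gid:" { print $5; exit }'
}

# Print the numeric GID of group $1 from group(5)-formatted text on stdin.
group_gid() {
    awk -F: -v name="$1" '$1 == name { print $3; exit }'
}

# Succeed only if status file $1 shows the GID that group file $2 lists for group $3.
matches_group() {
    want=$(group_gid "$3" < "$2")
    have=$(status_fsgid < "$1")
    [ -n "$want" ] && [ "$want" = "$have" ]
}

# Constructed sample data: a process running with GID 0 and a killswitch group at 1001.
sample_status() { printf 'Name:\topenvpn\nUid:\t0\t0\t0\t0\nGid:\t0\t0\t0\t0\n'; }
sample_group()  { printf 'root:x:0:\nkillswitch:x:1001:\n'; }

# Live check of every process named $1 against group $2.
check_running() {
    for pid in $(pgrep -x "$1"); do
        if matches_group "/proc/$pid/status" /etc/group "$2"; then
            echo "pid $pid: GID matches group $2"
        else
            echo "pid $pid: GID $(status_fsgid < "/proc/$pid/status") does not match group $2"
        fi
    done
}

# Run as: sh script.sh --live   (while openvpn is running)
if [ "${1:-}" = "--live" ]; then check_running openvpn killswitch; fi
```

A GID of 0 in the output means the process runs with root's group rather than killswitch; sudo sets the command's group from the target user unless one is requested with its `-g` option.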