What I THINK should be:
Background:
there is PC A, aim for using VPN IP
there is PC B, aim for ISP IP (but not yet installed)
for VPN policy I will set PC B to be excluded from VPN usage,
but since PC B is not installed, I don’t know the MAC/IP,
so VPN policy is ON, but list is empty. (I assume this will mean exclude NOTHING,
but luochongjun above say this means exclude EVERYTING)! <— the logic is wrong here!
case A: Kill Switch ON, VPN +, PC A using VPN IP
case B: Kill Switch ON, VPN -, PC A should offline, but now PC A is using ISP IP!
it’s leaking thru ISP IP!