I realize that the VPN has been designed to prevent any IP leaks.
If I wanted to take this one step further and add a “double kill switch” for a particular client IP, i.e. one that is statically assigned, what would be the best method to do this?
Is there a certain iptables rule that should be used in the startup firewall script? Even if VPN is “stopped” I would not want certain hosts to reach the internet. They’d all have static IP.