I prefer to use the luci-app-openvpn package to configure my router as a VPN client because it's simple. When I use this package, is there still a need for a kill-switch and do I still need to consider modifying my routers configuration to account for DNS leakage?
In the OpenWrt site's OpenVPN extras page, there is a section covering the implementation of a kill-switch. However, after using the luci-app-openvpn, I'm not quite sure how I would need to modify that page's uci commands to accommodate for the package's configuration. For example, I've added the tun0 device to the wan firewall zone's covered devices. Will I need to remove tun0 from the wan firewall zone and create a new vpn firewall zone?
My VPN provider is ProtonVPN.