I'm new to linux and have set up my own Lubuntu 20.04 box. So far I've disabled IPV6, setup firewall rules, configured groups, users and sudoers file, mounted network shares and installed ssh, xrdp, Plex, NordVpn and deluged with web UI.
What I want to do now is make my deluged install only able to access the internet through tun0 which is the interface listed using ifconfig when my VPN is connected. However, this interface is only ever shown when the VPN is connected, if I disconnected from the VPN this interface disappears so I'm not sure if this is possible.
I want the rest of the system to be able to use the eno1 interface normally so that when the VPN is disconnected I can still have my Plex application and xrdp etc working properly.
I have created a network namespace using sudo ip netns add ns-tun0-vpn but I can't work out how to add tun0 to this namespace and then assign the deluged application/service to this namespace so that it can't use eno1.
To add tun0 to the namespace, should I be using something like this:
ip link set tun0 netns ns-tun0-vpn
Would this then prevent tun0 from being used by applications/users not in the ns-tun0-vpn network namespace?
How then do I add an application/group/user into this namespace and block them from accessing eno1?
Is it also necessary to bring up the local loopback? Will this persist or will I need to run this on boot every time?
ip netns exec ns-tun0-vpn ip link set dev lo up
