I set up a VPN (IKEv2) on a Debian VM. I am trying to create a kill switch so that all traffic stops when the VPN drops. I followed this post.
It seems to work fairly well (torrent traffic goes through the VPN, and traffic stops when the VPN drops), but the firewall blocks network traffic even when the VPN is up.
Here is my firewall configuration:
sudo ufw reset
sudo ufw allow in from 192.168.0.0/24
sudo ufw allow out to 192.168.0.0/24
sudo ufw default deny outgoing
sudo ufw default deny incoming
sudo ufw allow out to 184.75.213.194 port 500 proto udp
sudo ufw allow out to 184.75.213.194 port 4500 proto udp
sudo ufw allow out on tun0 from any to any
sudo ufw allow in on tun0 from any to any
Here is some connection information:
> ip addr | grep inet
inet 127.0.0.1/8 scope host lo
inet 192.168.0.30/24 brd 192.168.0.255 scope global dynamic noprefixroute enp0s3
inet 10.128.1.99/32 scope global enp0s3
inet6 fe80::a00:27ff:fe68:3414/64 scope link noprefixroute
inet 10.8.0.1/24 brd 10.8.0.255 scope global tun0
> ip r
default via 192.168.0.1 dev enp0s3 proto dhcp metric 100
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.1
10.128.1.99 dev enp0s3 proto kernel scope link src 10.128.1.99 metric 50
10.128.1.99 dev enp0s3 proto kernel scope link src 10.128.1.99 metric 100
169.254.0.0/16 dev enp0s3 scope link metric 1000
192.168.0.0/24 dev enp0s3 proto kernel scope link src 192.168.0.30 metric 100
> cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 10.128.0.1
nameserver 192.168.0.1
nameserver 1.1.1.1
search Home
> ip ru
0: from all lookup local
220: from all lookup 220
32766: from all lookup main
32767: from all lookup default
> resolvectl
Failed to get global data: Unit dbus-org.freedesktop.resolve1.service not found.
> sudo ufw status
Status: active
To Action From
-- ------ ----
Anywhere ALLOW 192.168.0.0/24
Anywhere on tun0 ALLOW Anywhere
192.168.0.0/24 ALLOW OUT Anywhere
184.75.213.194 500/udp ALLOW OUT Anywhere
184.75.213.194 4500/udp ALLOW OUT Anywhere
Anywhere ALLOW OUT Anywhere on tun0
Any help would be greatly appreciated!
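Added example, not from the question or the post it followed: a dry-run generator for a ufw kill-switch ruleset that also covers a policy-based IKEv2 tunnel, where the VPN's virtual IP sits on the physical interface (as `ip addr` above shows for 10.128.1.99 on enp0s3) and the kernel encrypts outbound packets only after they have passed the OUTPUT chain with their inner addresses, so "allow out on tun0" never matches them. It assumes 184.75.213.194 is the IKE gateway and that the tunnel is kernel-XFRM based with routes in table 220; both are inferred from the output above, not stated in the question.

```shell
#!/bin/sh
# Added example (not the poster's or strongSwan's own code). Prints the ufw
# commands for a kill switch around a policy-based IPsec tunnel instead of
# applying them, so the ruleset can be reviewed first. Assumed values (all
# taken from the question's output): gateway 184.75.213.194, virtual IP
# 10.128.1.99, uplink enp0s3, LAN 192.168.0.0/24.

# render_killswitch_rules GATEWAY VIRTUAL_IP UPLINK LAN_CIDR
render_killswitch_rules() {
    gw="$1"; vip="$2"; up="$3"; lan="$4"
    cat <<EOF
ufw --force reset
ufw default deny outgoing
ufw default deny incoming
ufw allow in from $lan
ufw allow out to $lan
# IKE and NAT-T: only to the gateway, only on the uplink.
ufw allow out on $up to $gw port 500 proto udp
ufw allow out on $up to $gw port 4500 proto udp
# Plain ESP for the case where NAT-T is not negotiated.
ufw allow out on $up to $gw proto esp
ufw allow in on $up from $gw proto esp
# Inner (pre-encryption) packets carry the virtual IP as source and leave
# on the uplink, not on tun0. When the tunnel drops, the IKE daemon removes
# $vip from $up, so nothing can source from it and default deny holds.
ufw allow out on $up from $vip
EOF
}

# rules_cover_vip RULES VIP: exit 0 if RULES contains an outbound allow
# whose source is VIP, i.e. the rule the posted ruleset is missing.
rules_cover_vip() {
    printf '%s\n' "$1" | grep -q "allow out .*from $2"
}

# Constructed copy of the tun0 rules from the question, for comparison.
POSTED_RULES='ufw allow out on tun0 from any to any
ufw allow in on tun0 from any to any'

# Stand-alone use: print the generated ruleset.
render_killswitch_rules 184.75.213.194 10.128.1.99 enp0s3 192.168.0.0/24
```

Apply only after checking with `ip route get <some public IP>` that replies show `dev enp0s3 src 10.128.1.99`; if the tunnel instead uses a tun device, the existing tun0 rules are the right ones and the virtual-IP rule is unnecessary.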