Easy, block all packets from all interfaces but the VPN's.
You need to run this after the VPN is up, otherwise it will not work.
Code:
#!/bin/sh
iptables -P INPUT DROP
iptables -P OUTPUT DROP
# Allow loopback
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Allow vpn
iptables -A INPUT -i tun0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -o tun0 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
# Allow vpn service through eth0 only (to keep the tunnel established)
# <vpn ip> is the VPN server's address: the source of incoming packets
# and the destination of outgoing ones
iptables -A INPUT -i eth0 -s <vpn ip> -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -o eth0 -d <vpn ip> -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
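
The same kill switch as an added example (not part of the original post): the rules are emitted in iptables-restore format so they load in one commit, with the VPN server address validated first. The function names, the sample address 203.0.113.10, the udp/1194 defaults, the FORWARD DROP policy and the IPv6 ruleset are assumptions that go beyond the post; iptables rules do not filter IPv6, which is why the second function exists.

```shell
#!/bin/sh
# Added example. Constructed sample values: 203.0.113.10, udp, 1194.
# Load as root: killswitch_rules 203.0.113.10 > ks.v4 && iptables-restore < ks.v4

# is_ipv4 ADDR: succeed only for a dotted quad with every octet in 0-255
is_ipv4() {
    case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# killswitch_rules SERVER_IP [TUN_IF] [WAN_IF] [PROTO] [PORT]
# Prints the IPv4 ruleset; nothing is printed if any argument is rejected.
killswitch_rules() {
    server=$1; tun=${2:-tun0}; wan=${3:-eth0}; proto=${4:-udp}; port=${5:-1194}
    is_ipv4 "$server" || { echo "bad VPN server address: $server" >&2; return 1; }
    case "$proto" in udp|tcp) ;; *) echo "bad protocol: $proto" >&2; return 1 ;; esac
    case "$port" in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
    case "$tun$wan" in *[!A-Za-z0-9_.-]*) echo "bad interface" >&2; return 1 ;; esac
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -i $tun -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -o $tun -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $wan -s $server -p $proto --sport $port -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -o $wan -d $server -p $proto --dport $port -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# killswitch_rules6: IPv6 ruleset for ip6tables-restore, loopback only
killswitch_rules6() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
COMMIT
EOF
}
```

Load the IPv6 set with `killswitch_rules6 | ip6tables-restore`.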