Old 10-28-2022, 07:30 AM   #1
kgQyJt5dRg
LQ Newbie
 
Registered: Oct 2022
Posts: 5

Rep: Reputation: 0
Kill switch for virtual machines on QEMU


I have my host machine running on Linux. I installed the QEMU hypervisor on this machine. Then I created a virtual machine with Linux on it. I want to create a "kill switch" for the host machine so that my host machine AND virtual machine can access the internet ONLY when the host machine is connected to the internet via VPN. And if the VPN is down, there should be no internet on either the host or the virtual machine.

I tried these settings for ufw:

Code:
#!/bin/bash
ufw --force reset
ufw default deny incoming
ufw default deny outgoing
ufw allow in on tun0
ufw allow out on tun0
ufw allow in on enpXXX from 192.168.1.0/24
ufw allow out on enpXXX to 192.168.1.0/24
ufw allow out on enpXXX to xxx.xxx.xxx.xxx port xxxx proto tcp
ufw allow in on enpXXX from xxx.xxx.xxx.xxx port xxxx proto tcp
ufw enable


It worked, but only for the host machine. My virtual machine can still access the internet even if the VPN is down. I tried to delete this block from the ufw rules:

ufw allow in on enpXXX from 192.168.1.0/24
ufw allow out on enpXXX to 192.168.1.0/24


But in this case I don't have internet on my VM at all. I also tried writing the same rules for virbr0 instead of enpXXX in different combinations. But in all cases I get the same result: the VM accesses the internet even if the VPN is down, or the VM has no internet even if the VPN is up. So any clues would be appreciated. I am new to this subject, so please excuse me if I do or ask dumb things.

Last edited by kgQyJt5dRg; 10-28-2022 at 07:34 AM.
 
Old 10-28-2022, 11:54 AM   #2
computersavvy
Senior Member
 
Registered: Aug 2016
Posts: 3,345

Rep: Reputation: 1484
Your VM has its own network.
You did not state how the networking is configured for the VM, but it likely needs its own rules on the host.

Mine is bridged using virbr0 and has its own subnet on the host at 192.168.124.0/24. Thus on the host I can establish rules that communications from 192.168.124.1 (virbr0) are only allowed via tun0 and no other path.
 
Old 10-28-2022, 04:32 PM   #3
jefro
Moderator
 
Registered: Mar 2008
Posts: 21,987

Rep: Reputation: 3626
Make another VM of a firewall device and route to and out of it.
 
Old 11-02-2022, 08:03 PM   #4
kgQyJt5dRg
LQ Newbie
 
Registered: Oct 2022
Posts: 5

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by computersavvy
Your VM has its own network.
You did not state how the networking is configured for the VM, but it likely needs its own rules on the host.

Mine is bridged using virbr0 and has its own subnet on the host at 192.168.124.0/24. Thus on the host I can establish rules that communications from 192.168.124.1 (virbr0) are only allowed via tun0 and no other path.
Thank you for your reply!
My VM is bridged using virbr0 and its subnet is 192.168.122.0/24.
But I have difficulties with writing the rules for UFW anyway.

I tried this:

Code:
ufw --force reset
ufw default deny incoming
ufw default deny outgoing
ufw allow in on tun0
ufw allow out on tun0
ufw allow in on enpXXX from 192.168.122.0/24
ufw allow out on enpXXX to 192.168.122.0/24
ufw allow out on virbr0 to xxx.xxx.xxx.xxx port xxxx proto tcp
ufw allow in on virbr0 from xxx.xxx.xxx.xxx port xxxx proto tcp
ufw enable
or this:

Code:
ufw --force reset
ufw default deny incoming
ufw default deny outgoing
ufw allow in on tun0
ufw allow out on tun0
ufw allow in on virbr0 from 192.168.122.0/24
ufw allow out on virbr0 to 192.168.122.0/24
ufw allow out on virbr0 to xxx.xxx.xxx.xxx port xxxx proto tcp
ufw allow in on virbr0 from xxx.xxx.xxx.xxx port xxxx proto tcp
ufw enable
But I still get the same result: either it doesn't work at all or it always works.
Could you please tell me more exactly how I should write it?
I would really appreciate it.
Sorry, I'm really new to this...

Quote:
Originally Posted by jefro
Make another VM of a firewall device and route to and out of it.
This would probably be even more difficult for me. Besides, I would prefer not to run too many VMs.

Last edited by kgQyJt5dRg; 11-02-2022 at 08:05 PM.
 
Old 11-02-2022, 09:19 PM   #5
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 7,311
Blog Entries: 3

Rep: Reputation: 3722
Quote:
Originally Posted by computersavvy
Your VM has its own network.
That'll be the matter. For its default, it looks like Qemu behaves like any other networked application such as a web browser, a mail client, etc. The network the guest sees is all internal to that. So maybe one option would be to launch it using a particular group and then use nftables (not UFW) to filter by group or maybe even use a cgroup.

However, Qemu can be configured to operate in a bridged mode and then from there it should be possible to filter in the host more easily by interface.
 
Old 11-03-2022, 09:31 AM   #6
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,660
Blog Entries: 4

Rep: Reputation: 3941
Indeed. If you simply want the VMs to see and use "the host network," bridging might be a simple option. Obviously, "less commonly used," but it might be perfect in this situation.

Your host's routing rules should then specify that there is no route to the outside world at all, except through the VPN gateway addresses and therefore available only when the VPN is up.

Last edited by sundialsvcs; 11-03-2022 at 09:32 AM.
 
Old 11-04-2022, 05:19 AM   #7
kgQyJt5dRg
LQ Newbie
 
Registered: Oct 2022
Posts: 5

Original Poster
Rep: Reputation: 0
But I think I already use it in a bridged mode. At least I see a virbr0 interface, as I mentioned before.
Anyway, I have no idea how to write the correct rules to "specify that there is no route to the outside world at all, except through the VPN gateway addresses".

Or how can I check if it is in a bridged mode?

Last edited by kgQyJt5dRg; 11-04-2022 at 05:35 AM.
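An added example, written for this page and not code from any poster in the thread, that puts computersavvy's suggestion from post #2 (traffic from virbr0 may only leave via tun0) into ufw terms and answers the question in post #7 about checking the network mode. The reason the thread's rule sets either "always work" or "never work" is that guest traffic is forwarded through the host, so it is decided by ufw's routed default and `route` rules, not by the `allow in/out on` rules, which only cover the host's own INPUT/OUTPUT traffic. The script assumes tun0 as the VPN tunnel, enpXXX as the uplink (the thread's placeholder, to be replaced), 192.168.122.0/24 on virbr0 as the guest subnet, 192.168.1.0/24 as the LAN, and VPN_SERVER/VPN_PORT placeholders that must be set to the real VPN endpoint; all of these are assumptions, not values from the thread.

```shell
#!/bin/bash
# Added example (not from any poster in this thread): a VPN kill switch that
# covers both the host and libvirt guests on virbr0, plus a check of which
# forward mode the libvirt network uses.
# Assumptions: VPN tunnel tun0, LAN uplink enpXXX (placeholder, as in the
# thread), guest subnet 192.168.122.0/24, LAN 192.168.1.0/24. VPN_SERVER and
# VPN_PORT are placeholders: set them to your VPN endpoint before "apply".
set -e

TUN="${TUN:-tun0}"
UPLINK="${UPLINK:-enpXXX}"                      # placeholder interface name
VM_IF="${VM_IF:-virbr0}"
VM_NET="${VM_NET:-192.168.122.0/24}"
LAN_NET="${LAN_NET:-192.168.1.0/24}"
VPN_SERVER="${VPN_SERVER:-xxx.xxx.xxx.xxx}"     # placeholder: VPN endpoint IP
VPN_PORT="${VPN_PORT:-xxxx}"                    # placeholder: VPN endpoint port
VPN_PROTO="${VPN_PROTO:-tcp}"

# Read libvirt network XML (as printed by `virsh net-dumpxml <name>`) on stdin
# and print its forward mode (nat, route, bridge, open, ...), or "none" for an
# isolated network that has no <forward> element at all.
forward_mode() {
  mode=$(sed -n "s/.*<forward mode=['\"]\([a-z]*\)['\"].*/\1/p" | head -n 1)
  printf '%s\n' "${mode:-none}"
}

# Print the ufw commands, one per line. Host traffic is governed by the
# incoming/outgoing rules; guest traffic is forwarded through the host, so it
# is governed by the routed default and the "route" rules, which the plain
# "allow in/out on" rules in the thread never touch.
kill_switch_rules() {
  cat <<EOF
ufw --force reset
ufw default deny incoming
ufw default deny outgoing
ufw default deny routed
ufw allow out on $UPLINK to $VPN_SERVER port $VPN_PORT proto $VPN_PROTO
ufw allow out on $UPLINK to $LAN_NET
ufw allow in on $UPLINK from $LAN_NET
ufw allow out on $TUN
ufw allow in on $TUN
ufw allow in on $VM_IF from $VM_NET
ufw allow out on $VM_IF to $VM_NET
ufw route allow in on $VM_IF out on $TUN from $VM_NET
ufw route deny in on $VM_IF out on $UPLINK
ufw enable
EOF
}

# Run each generated command in turn (requires root).
apply_kill_switch() {
  kill_switch_rules | while IFS= read -r cmd; do
    echo "+ $cmd"
    $cmd
  done
}

case "${1:-show}" in
  show)  kill_switch_rules ;;                       # print the rules only
  check) virsh net-dumpxml default | forward_mode ;; # mode of the "default" net
  apply) apply_kill_switch ;;
  *)     echo "usage: $0 [show|check|apply]" >&2; exit 2 ;;
esac
```

Two things to check before relying on this. First, `check` on a stock libvirt "default" network prints `nat`: virbr0 is a host-internal bridge that libvirt NATs to the uplink, not a bridge onto the physical LAN, and in nat mode libvirt installs its own FORWARD accept rules for that subnet, which can be evaluated ahead of ufw's forward chain depending on which service started first (`iptables -L FORWARD -nv --line-numbers` or `nft list ruleset` shows the order). If that is the case, guests keep reaching the uplink no matter what ufw says; switching the network to `<forward mode='open'/>` makes libvirt add no firewall rules, after which ufw alone decides and the masquerade for the guest subnet toward tun0 has to be added to the `*nat` table in /etc/ufw/before.rules. Second, the LAN allow also lets the host (and libvirt's dnsmasq on virbr0) send DNS to a LAN resolver even when the tunnel is down; narrow it to the hosts and ports you actually need if that matters to you.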
 