Linux snap leaks TCP connections when VPN connection fails
There are times when the snap fails to connect to a VPN server and gives up after sometime. This can be related to network issues. After giving up, the snap app shows "Unsecured Connection" with a red box around it. Running wireshark while in this state has shown that TLS connections are being made, I'm fairly certain by firefox. This is unexpected from a user perspective because, once the VPN is connected, there is an expectation that all packets will go through the VPN or not get sent at all. Not that the VPN can be suddenly switched off and have the users real ip exposed. This is dangerous for users that need to make sure that their real ip is not known for certain activities.
I believe the iptables rules added after a VPN connection is established still exist. However, the tun interface does not, so packets are default routed to the main network interface. This should still be rejected by the iptables rules, so I'm not sure how packets are going out on the main interface.