Hi,
Your VPN provider such as Private Internet Access or NordVPN, will (should) have firewall rules in place; which provides protection to prevent access to your connected devices. This is just an extra layer of security and is more peace of mind than anything.
-P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT -A INPUT -i tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -i tun0 -j DROP -A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT -s 127.0.0.0/8 -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m tcp --dport 22 -j DROP -A OUTPUT -p tcp -m tcp --dport 22 -j DROP -A OUTPUT -o tun0 -j ACCEPT -A OUTPUT -o eth0 -j ACCEPT -A OUTPUT -o wlan0 -j ACCEPT
The most important lines are:
-A INPUT -i tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -i tun0 -j DROP
The first line of these 2 allows inbound connections from the vpn if a service (such as a webpage) has been requested outbound from your device. The 2nd line drops all other inbound traffic.
Thanks Tom.
P.S Please feel free to comment.