Protecting VPN traffic with blackhole routes has been discussed earlier in this forum:
In my post, I've provided a batch script which configures blackhole routes for all private networks.
The effect is that if traffic is routed via a VPN tunnel, and the tunnel goes down, this traffic is discarded instead of being sent out via the default route. This will prevent data leaking out the WAN interface.
Second effect: there is no session built involving this traffic and the WAN interface, so that if the tunnel comes up again, it will immediately continue to transport this traffic through the tunnel.
"Kernel panic: Aiee, killing interrupt handler!"