How can i setup gufw to allow just tun? right now i am manually adding the tun ip everytime my vpn ip drops and reconnects
I am not sure I understand what you saying, if I am thinking right, depending on your vpn client, when you start a connection with a vpn with openvpn, it opens a tun/tap. You can have a script to auto re-connect.
Here some links