Those are not scripts created by me, they are used in the guide in that link.
That guide assumes that you will run openvpn process with qvpn group permissions:
So the firewall rules in the script are restricting the outbound traffic and only allow the traffic originated from the processes started by qvpn group.
Since you use different group name in your script then change qvpn to matrix or vice versa.
And start the openvpn process from this group and not like this: