I’m trying to achieve a specific setup where I want to proxy a single app (lets say, GIMP) through a WireGuard/OpenVPN connection, while routing all other traffic through the Mullvad VPN app. The issue is that the VPN provider doesn’t support SOCKS5 or any other proxy protocols(Not Mullvad VPN).
I’ve attempted to set up a WireGuard connection that only allows GIMP to pass through, but I’m not sure if I’m on the right track and don’t know how to do it. Has anyone successfully achieved this setup on Linux? If so, I’d love to hear about your approach.
Specifically, I’m looking for a way to proxy GIMP through WireGuard/OpenVPN while keeping all other traffic routed through the Mullvad VPN app. Any guidance or advice would be greatly appreciated!
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 57 users / day
- 383 users / week
- 1.5K users / month
- 5.7K users / 6 months
- 1 subscriber
- 2.86K Posts
- 71.9K Comments
- Modlog
network namespaces can do it, firejail makes it easy but there’s several other methods as well.
if you already know the IP address(es) you will be communicating with, it’s even easier just by adding a static route with a gateway of the VPN interface.
Thanks for the Firejail suggestion, I’m currently experimenting with it but keep getting a error. When I attempt to add my WireGuard configuration using the command
sudo wg-quick up wireguard, I consistently receive the error message/usr/bin/wg-quick: line 32: resolvconf: command not found. I’ve tried starting resolvconf via systemd, and it’s now running, but the error persists.If this is for torrents, the binhex qbittorrent docker can do this for wireguard.
interesting!
From a networking standpoint, you can configure qos tagging for a specific application and use that dscp variable as a flag for pbr. Then set your next hop via respective tunnel.
I understood a word: networking.
Haven’t done it myself, but his might help you for further research
iptables
https://unix.stackexchange.com/questions/264589/traffic-of-specific-program-through-vpn
network interfaces
https://unix.stackexchange.com/questions/234583/routing-on-per-application-basis
Qubes is the gold standard
Network namespaces also work
Portmaster is a good gui for this approach
Spin up a gluetun instance, which will give you your proxy. I use two to have a local exit node and an international one.
Would using the Mullvad VPN app still be an option, or would I need to set up WireGuard for Mullvad VPN.
Umm, if I understand you, it should be fine, you’d have the app and also proxies available on 8388 and 8888 or whatever you prefer on a different tunnel… It’s pretty much the VPN swiss army knife. Use wireguard if you can, it’s a lot faster (but more CPU intensive).