No, as I said in another comment I live in a country with strong copyright laws, that’s why I need to route my traffic to a country where piracy is allowed/tolerated.

It could be nothing other than a country of virtue and dharma destined to free the world from corruption and evil. It’s people are still laying dormant under the veil of deception, but this could change very soon.

I didn’t mean that literally. People are just scared of torrenting because of strong anti-piracy campaigns.

This is not necessary since the server is already in a country where a VPN is not needed.

Yes. But curl ipinfo.io and ip addr doesn’t match. The first command contacts a server outside the network, so it shows a public IP address while the other shows the internal IP addresses of the network interfaces.

Thanks. It approximately took one or two weeks to setup it up and configure it step by step. I know using a distro without systemd is not the easiest thing for a beginner but I’m already running MX Linux for a while after I had used plain Debian, so I felt pretty confident. Also there are really good guides out there as I mentioned before. The most difficult part was to configure the VPN so that there are no leaks and stuff like that. For that I needed to a lot of tests and do some research. One thing that would be really cool is to do application based split tunneling or even workspace based split tunneling. But first I will need to find a solution to open the port of my torrent client to outside traffic to torrent properly. I think I have a solution to this.

Nope, I checked the traffic with mtr and it connects directly to the internal IP address of the server. Also I’ve bound the torrent client to the network interface of the VPN to ensure the traffic goes through the VPN.

I understand. The problem with the rules above though is that it would block my regular network interface even after the VPN goes down. That’s why I created some postup and postdown rules for the Wireguard config. PostUp = iptables -I OUTPUT -o %i -p udp --dport 53 -j ACCEPT && iptables -A OUTPUT ! -o %i -p udp --dport 53 -j DROP PreDown = iptables -D OUTPUT -o %i -p udp --dport 53 -j ACCEPT && iptables -D OUTPUT ! -o %i -p udp --dport 53 -j DROP This only activates the rules while the VPN interface is on.

That’s because I live in a country with strict anti-piracy laws. Torrenting pirated stuff here without a VPN would be a death sentence. In the fact the whole piracy scene of my country revolves around stream hosting and one click hosters. Understandable if you consider the fact that anyone can see what you torrent sometimes even including your whole download history.

Yes, it’s very interesting although the networking stuff is not very fun.

Why do you think that a VPN isn’t viable?

I don’t understand it, why doesn’t these commands block internet access when they block DNS traffic like the ufw command?

I already have considered this. Generally I prefer a dedicated IP over a shared IP, especially since I consider the use of private trackers. There are some use cases though like high OpSec operations or a higher privacy need were a shared IP is beneficial, but for me this is not needed.