Mullvad Split Tunnel Config for qBittorrent
Table of Contents
Configuring Mullvad (or any OpenVPN service)
I get it, you want to download your Linux ISOs in peace. However, there may be some issues. For example, certain countries block access to based Linux distributions such as Qubes OS or Tails.
To circumvent this, you can use a VPN. However, for various reasons, you may not want to route your traffic through the VPN as well. This is where split tunneling comes in.
This tutorial will show you how to set up an OpenVPN so only one IP is actually is routed through, which hosts a SOCKS5 proxy (Mullvad does this) so you can set the proxy settings manually for each program.
Steps
Get the config files
First, get your config files for OpenVPN. In the case of Mullvad, you can follow the tutorial here (onion, JS required) and follow for your distro of choice. There are also tutorials for MacOS and Windows, but you’ll have to adapt the rest of this tutorial to them.
Add rules to the OpenVPN config file
Go ahead and open the /etc/openvpn/mullvad-xx.conf
file in the editor of your choice.
Then, add the following content
route-nopull
route 10.8.0.1 255.255.255.255
The first rule prevents the VPN tunnel from routing anything by default.
The second rule tells OpenVPN to route the IP 10.8.0.1
through the tunnel.
Be sure to replace the IP with your SOCKS5 proxy IP behind the VPN tunnel (it’s 10.8.0.1
for Mullvad)
After that, you can run OpenVPN and open the tunnel
Configure qBittorent
After your VPN tunnel and SOCKS5 proxy have been set, open qBittorrent and go to Tools > Preferences
Change the following options inside the Connection
menu:
- Change
Peer connection protocol
toTCP
- Uncheck
Use UPnP / NAT-PMP port forwarding from my router
- Set up the proxy server
- Select type of proxy (
SOCKS5
for Mullvad) - Select host of proxy (
10.8.0.1
for Mullvad when using OpenVPN) - Select proxy port (
1080
for Mullvad, may vary) - Check
Use proxy for peer connections
andUse proxy for hostname lookups
but NOTUse proxy only for torrents
- Fill in the
Authentication
area if need (Mullvad doesn’t need this)
- Select type of proxy (
Change the following options inside the BitTorrent
menu
- Uncheck
Enable DHT, PeX, and Local Peer Discovery
- Check
Enable anonymous mode
Now apply the config and you are ready to go!
Perhaps in the future, if there is demand to do so, I will make a WireGuard version of this tutorial