Order of events…
- Looked up IP
- Connected to Tailscale, set exit node through Mullvad
- Looked up IP again, was different
- Started seeding in the background while working on other stuff
- At one point I saw Tailscale icon flicker
- Later I got an angry email from my ISP with a timestamp that lined up
Been seeding for years, and this was my first leak. Was for a recent popular film (Linux ISO) that I’ve been seeding for a year. I contacted Tailscale support to express my concern. This is what they said…
Though we have an open feature request for this (link), I don’t believe there are current plans to add a killswitch to the client for Mullvad.
If this is something that is important to you, the quickest solution to this would be to purchase a Mullvad subscription directly from them, since their client has a number of features more geared towards tightening users online privacy – including a killswitch.
So I suggest not using Tailscale with Mullvad for such purposes. I don’t think this is a priority for them. For other uses it’s been fine.
I imagine this could have been avoided with a restrictive torrent client configuration, as is typically recommended online. I’ve tried and failed to get that working in the past. I’ll try again once I change out my VPN. If you’ve been putting that off, learn from my mistake and look into it!
OC by @bl4kers@lemmy.ml
Ive been using AirVPN since Mullvad dropped port forwarding and it has been decent and reasonably priced. The only issue I’ve had was with their “Eddie” client for Windows. I fixed this by using (I think, or something similarly named) WireSock with an AirVPN Wireguard config which also gave me the ability to do split tunneling easily but I only used this for a few months before building a new server running Proxmox
I think ProtonVPN also has the feature but costs a bit more. Private Internet Access is another cheap option but their owners are shady (I had them before Mullvad until they got sold to a company with ties to Israeli spyware makers IIRC)