Ultimately, I only want to use Proton VPN for torrenting and seeding, while not using Proton VPN for browsing the internet, using Steam and Discord (essentially everything else).
I’m currently using Proton VPN for torrenting, but sadly it doesn’t support using a kill switch if I’m already using split tunneling. I read that NordVPN can use both simultaneously, but I’m not sure if this is actually true. Should I switch VPN so that I can use split tunneling and a kill switch together?
Essentially, I only want to use the VPN for torrenting, and it would be nice to be able to use a kill switch for the torrent if it loses connection.
Thank you.
Turn the Proton killswitch off and use split tunneling, then bind your torrent client to the VPN. This is more reliable than a built-in killswitch.
Or if you’re on Linux, spin up one of Binhex’s bittorrent+vpn containers. Since you’re using Proton, the containers from Binhex will automagically make sure your torrent client is using the random open port Proton picks each time you connect.
Could you use qbittorrent and bind the network interface to ProtonVPN? And then split tunnel whatever apps you want from the GUI?
This is the answer. Much more reliable than the killswitches.
If you go the qbittorrent route, my piece of advice is to always check the settings after any updates.
It was maybe around 8 or 9 years ago, but after one of the updates, all my settings got wiped and set back to defaults I assume.
I didn’t notice until I ended up getting a nastygram from my ISP.
It’s never happened since, but needless to say I always double check now.
If you are on Linux the best option is to run this:
https://github.com/haugene/docker-transmission-openvpn
Basically a small “virtual machine” that assures that the torrent traffic always passes through the VPN. No VPN=no traffic
If you’re going the Docker router, I’d run separate Docker containers rather than an all-in-one. You get the same functionality, but you can route more than one app through the VPN.
Create a Gluetun container to use for the VPN, then have other containers configured to use the Gluetun container as their network.
All you need to do for the other containers is use
network_mode: "service:gluetun"if you’re using docker-compose, or--network=container:gluetunin the Docker command line otherwise.https://github.com/qdm12/gluetun-wiki/blob/main/setup/connect-a-container-to-gluetun.md
Works great in Unraid especially, since the option to route a container’s network through another container is available in the Unraid UI.
That won’t work for the OP, they are using Proton VPN, which randomizes the port number in a half-hearted attempt to “stop” piracy. They would need to use a script to bind their torrent client to the open port each time the container started, and also any time the connection was lost and Proton reconnected.
Binhex has images that do this automatically, but as far as I know there isn’t any other way to do it that’s as easy or reliable as an all-in-one container. Binding it to a Gluetun container will connect, but you won’t get very good speeds or peers because it won’t be port forwarded.
Ah, I forgot that some VPNs don’t have good port forwarding support. AirVPN does! Older AirVPN accounts can forward up to 20 ports, and you pick the port numbers out of a list of available ones. I think they limited it to 5 ports for new accounts.
With qbittorrent, you can just set it to do this. Tell it to only use the VPN interface.
Other people have suggested binding the client to the vpn interface. In rtorrent this is very easy. It may be easy in other clients.
Kill switches are unreliable
The only real constraint here is VPN port forwarding. You would need a VPN provider that supports that in order to hit DHT swarms. So, just make sure the provider has that.
As for kill switching, run the VPN and torrent client through docker. There is probably already a docker image out there that does that depending on what provider you go with. Essentially what you’d be doing is sandboxing your torrent client and then only passing in the VPN interface via docker network to that client. If the VPN tunnel goes down there is no other egress point off the network segment and zero chance for traffic using a different interface.
You don’t need a provider-specific Docker container. Gluetun (https://github.com/qdm12/gluetun) supports a lot of providers, but you can use any provider through a custom config.
Yes, that is correct. As I said, there is probably already a docker image out there for the provider you go with.
Best thing to do in a situation like this is to have a bake off. Just pay the smallest amount of money you can to test out other services till you can form your own opinion.
I would test mullvad. It does split tunneling with a kill switch at the same time, it also allows you to do local networking without split tunneling. It doesn’t do any logging and you can pay in cash. I use it to seed and in my torrent app (qbittorrent) I set it to only connect to internet through my VPN so even if the kill switch somehow failed, the moment I’m no longer on the VPN my torrents stop no matter if I’m leeching or seeding.
For further research, I suggest the piracy megathread
Proton recently added local network access but the main thing is that it supports port forwarding unlike mullvad. Absolutely should be setting your vpn and the interface in qbitorrent though as you said, it’s much more reliable and convenient than a killswitch imo
That’s cool to know. I haven’t yet tried to port forward on my vpn. Normally I just do that in my network or using istio.
Yeah port forwarding from your router won’t do anything if you’re using a vpn so you need it to be supported by the vpn to download and seed most effectively
