4rchive

Home Feed Search

"scoped" VPN - /g/ (#106124368) [Archived: 447 hours ago]

← Boards ← Back to /g/
Anonymous
8/3/2025, 9:31:13 AM No.106124368
1718057678937-2
1718057678937-2
md5: 02924af57c6f14139f3d5f73e6621904🔍
hello friends, i need your help with something.
i have an OpenVPN server running on a VPS i rent, and an OpenVPN client on my machine.
everything works well, but what i'd like to do is limit the "scope" of the VPN to a single application, and keep using my IP for everything else.
i find a lot of confusing and conflicting information about this on the internet. does anyone know how to do this?
Replies: >>106124417
Anonymous
8/3/2025, 9:40:00 AM No.106124417
>>106124368 (OP)
As a VPN like TAP/TUN style
Cant do it on OSX w/o a VM
Can do it on Windows
Can do it on Linux if you use kernel namespaces (basically what containers do to achieve what they achieve)
Replies: >>106124442
Anonymous
8/3/2025, 9:41:36 AM No.106124425
I'd say put it in Tailscale and have direct connection to it. Host a socks proxy on that VPN and try to force that application through that socks proxy.
Also keep in mind you are not achieving much anonymity by pushing your traffic through a VPS that you rented to your name. Also your IP score will be shit anyway but not trying to guess what you're doing.
Replies: >>106124442
Anonymous
8/3/2025, 9:41:44 AM No.106124427
tl;dr not really
If you host a proxy on your VPS instead or use an SSH SOCKS proxy tunnel you can modify proxy options on whatever software to do the connection through that.
Depends on the 'single application', it might not support proxies.
Replies: >>106124442
Anonymous
8/3/2025, 9:44:24 AM No.106124442
>>106124417
>Can do it on Linux if you use kernel namespaces (basically what containers do to achieve what they achieve)
that sounds hard
do you think it could be feasible in a simpler way by using snaps for example?
>>106124425
>>106124427
i cant use a socks proxy unfortunately, that would have been the easy way out
it has to be a VPN
Replies: >>106124461
Anonymous
8/3/2025, 9:47:11 AM No.106124461
>>106124442
It is not that hard. I'd say easiest setup would be to just do lxc containers. Set up your VPN client in there and it will only affect that container. Container will boot up right away as your machine does and will share the kernel as the OS but will have its own kernel network namespace that lxc configures for you. Any process running in that container will use the VPN while the "host" will not.
If you're on Linux, consider yourself lucky because this setup is relatively easy to achieve and the most properly isolated out of all the other OS combos I mentioned earlier.
Anonymous
8/3/2025, 9:49:54 AM No.106124476
And you can indeed run X11 applications in the lxc container and have it be interactable locally on your primary X session.
Anonymous
8/3/2025, 9:52:33 AM No.106124492
You can do it with gluetun.