Mh interesting, I've wrote a while ago a script to start on connection in order to have mullvad coexist with tailscale, if anyone is interested, I also have one for NVPN
DOMAINS=(login controlplane log derp1-all derp2-all derp3-all derp4-all derp5-all derp6-all derp7-all derp8-all derp9-all derp10-all derp11-all derp12-all derp13-all derp14-all derp15-all derp16-all derp17-all derp18-all derp19-all derp20-all derp21-all derp22-all derp23-all derp24-all)
FWMARK=$(wg show $1 fwmark)
for d in ${DOMAINS[@]}; do
IPS=$(dig +answer -4 $d.tailscale.com +short)
for IP in ${IPS[@]}; do
iptables -I INPUT --in-interface tailscale0 -j MARK --set-mark $FWMARK
iptables -I OUTPUT --out-interface tailscale0 -j MARK --set-mark $FWMARK
iptables -I INPUT -d $IP/32 -j MARK --set-mark $FWMARK
iptables -I INPUT -s $IP/32 -j MARK --set-mark $FWMARK
iptables -I OUTPUT -d $IP/32 -j MARK --set-mark $FWMARK
done;
done;
iptables -I OUTPUT -d 100.100.100.100/32 -j MARK --set-mark $FWMARK
iptables -I OUTPUT -s 100.100.100.100/32 -j MARK --set-mark $FWMARK
iptables -I INPUT -d 100.100.100.100/32 -j MARK --set-mark $FWMARK
iptables -I INPUT -s 100.100.100.100/32 -j MARK --set-mark $FWMARK
