diff --git a/security/tailscale/files/tailscaled.in b/security/tailscale/files/tailscaled.in
index ffbc5350f7de..b1cb480b92bc 100644
--- a/security/tailscale/files/tailscaled.in
+++ b/security/tailscale/files/tailscaled.in
@@ -17,6 +17,8 @@
 #						Default is "info". See daemon(8).
 # tailscaled_syslog_output_facility (str):	Set syslog facility if syslog enabled.
 #						Default is "daemon". See daemon(8).
+# tailscaled_exitnode_enable (bool):	Set it to YES to announce tailscaled as
+#                                       an exit node. Default is "NO".
 
 . /etc/rc.subr
 
@@ -27,6 +29,7 @@ load_rc_config $name
 
 : ${tailscaled_enable:="NO"}
 : ${tailscaled_port:="41641"}
+: ${tailscaled_exitnode_enable:="NO"}
 
 DAEMON=$(/usr/sbin/daemon 2>&1 | grep -q syslog ; echo $?)
 if [ ${DAEMON} -eq 0 ]; then
@@ -51,11 +54,13 @@ fi
 
 pidfile=/var/run/${name}.pid
 procname="%%PREFIX%%/bin/${name}"
+ctlname="%%PREFIX%%/bin/tailscale"
 
 # XXX: Can we have multiple interfaces?
 tailscale_tap_dev="tailscale0"
 
 start_cmd="${name}_start"
+start_postcmd="${name}_poststart"
 stop_postcmd="${name}_poststop"
 
 tailscaled_start()
@@ -63,6 +68,14 @@ tailscaled_start()
 	env CACHE_DIRECTORY=/var/db/tailscale /usr/sbin/daemon -f ${tailscaled_syslog_output_flags} -p ${pidfile} ${procname} --port ${tailscaled_port}
 }
 
+tailscaled_poststart()
+{
+        if checkyesno tailscaled_exitnode_enable; then
+		logger -s -t tailscale "Enabling Exit node mode"
+                ${ctlname} up --advertise-exit-node
+        fi
+}
+
 tailscaled_poststop()
 {
 	/sbin/ifconfig ${tailscale_tap_dev} >/dev/null 2>&1 && (