2015-10-10 16:46:50 *Tunnelblick: OS X 10.10.5; Tunnelblick 3.6beta10 (build 4400); prior version 3.5.4 (build 4270.4395)
2015-10-10 16:46:51 *Tunnelblick: Attempting connection with xxx-spb using shadow copy; Set nameserver = 1; monitoring connection
2015-10-10 16:46:51 *Tunnelblick: openvpnstart start xxx-spb.tblk 1337 1 0 1 0 541042 -ptADGNWradsgnw 2.3.7
2015-10-10 16:46:52 *Tunnelblick: openvpnstart log:
Loading tap-signed.kext
OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.7/openvpn
--daemon
--log
/Library/Application Support/Tunnelblick/Logs/-SUsers-Sgkomissarov-SLibrary-SApplication Support-STunnelblick-SConfigurations-Sxxx--spb.tblk-SContents-SResources-Sconfig.ovpn.1_0_1_0_541042.1337.openvpn.log
--cd
/Library/Application Support/Tunnelblick/Users/gkomissarov/xxx-spb.tblk/Contents/Resources
--verb
3
--config
/Library/Application Support/Tunnelblick/Users/gkomissarov/xxx-spb.tblk/Contents/Resources/config.ovpn
--cd
/Library/Application Support/Tunnelblick/Users/gkomissarov/xxx-spb.tblk/Contents/Resources
--management
127.0.0.1
1337
--management-query-passwords
--management-hold
--script-security
2
--up
--down
--route-pre-down
2015-10-10 16:46:51 OpenVPN 2.3.7 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [PKCS11] [MH] [IPv6] built on Sep 23 2015
2015-10-10 16:46:51 library versions: OpenSSL 1.0.2d 9 Jul 2015, LZO 2.09
2015-10-10 16:46:51 MANAGEMENT: TCP Socket listening on [AF_INET]
127.0.0.1:13372015-10-10 16:46:51 Need hold release from management interface, waiting...
2015-10-10 16:46:51 *Tunnelblick: openvpnstart starting OpenVPN
2015-10-10 16:46:52 *Tunnelblick: Established communication with OpenVPN
2015-10-10 16:46:52 *Tunnelblick: Obtained VPN username and password from the Keychain
2015-10-10 16:46:52 MANAGEMENT: Client connected from [AF_INET]
127.0.0.1:13372015-10-10 16:46:52 MANAGEMENT: CMD 'pid'
2015-10-10 16:46:52 MANAGEMENT: CMD 'state on'
2015-10-10 16:46:52 MANAGEMENT: CMD 'state'
2015-10-10 16:46:52 MANAGEMENT: CMD 'bytecount 1'
2015-10-10 16:46:52 MANAGEMENT: CMD 'hold release'
2015-10-10 16:46:52 MANAGEMENT: CMD 'username "Auth" "xxx.yyy"'
2015-10-10 16:46:52 MANAGEMENT: CMD 'password [...]'
2015-10-10 16:46:52 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2015-10-10 16:46:52 Socket Buffers: R=[196724->65536] S=[9216->65536]
2015-10-10 16:46:52 MANAGEMENT: >STATE:1444484812,RESOLVE,,,
2015-10-10 16:46:52 UDPv4 link local: [undef]
2015-10-10 16:46:52 UDPv4 link remote: [AF_INET]w.x.y.z:5511
2015-10-10 16:46:52 MANAGEMENT: >STATE:1444484812,WAIT,,,
2015-10-10 16:46:52 MANAGEMENT: >STATE:1444484812,AUTH,,,
2015-10-10 16:46:52 TLS: Initial packet from [AF_INET]w.x.y.z:5511, sid=ec458d86 98a6ef5c
2015-10-10 16:46:52 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2015-10-10 16:46:52 VERIFY OK: depth=1, C=US, ST=CA, L=San Jose, O=xxx Inc., OU=EastDC, CN=xxx Inc. CA, name=EasyRSA, emailAddress=
n...@team.xxx.com2015-10-10 16:46:52 VERIFY OK: nsCertType=SERVER
2015-10-10 16:46:52 VERIFY OK: depth=0, C=US, ST=CA, L=San Jose, O=xxx Inc., OU=EastDC, CN=spb-admins, name=EasyRSA, emailAddress=
n...@team.xxx.com2015-10-10 16:46:52 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2015-10-10 16:46:52 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2015-10-10 16:46:52 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2015-10-10 16:46:52 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2015-10-10 16:46:52 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2015-10-10 16:46:52 [spb-admins] Peer Connection Initiated with [AF_INET]w.x.y.z:5511
2015-10-10 16:46:53 MANAGEMENT: >STATE:1444484813,GET_CONFIG,,,
2015-10-10 16:46:54 SENT CONTROL [spb-admins]: 'PUSH_REQUEST' (status=1)
2015-10-10 16:46:54 PUSH: Received control message: 'PUSH_REPLY,route 192.168.2.0 255.255.255.0,route 50.117.24.96 255.255.255.224,route 69.46.91.194 255.255.255.255,route 69.46.91.197 255.255.255.255,route 70.33.176.0 255.255.255.224,route 80.254.60.0 255.255.255.240,dhcp-option DNS 172.16.1.1,dhcp-option DNS 8.8.8.8,dhcp-option DOMAIN .,route-gateway 172.16.1.1,ifconfig 172.16.1.9 255.255.255.0'
2015-10-10 16:46:54 OPTIONS IMPORT: --ifconfig/up options modified
2015-10-10 16:46:54 OPTIONS IMPORT: route options modified
2015-10-10 16:46:54 OPTIONS IMPORT: route-related options modified
2015-10-10 16:46:54 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2015-10-10 16:46:54 TUN/TAP device /dev/tap0 opened
2015-10-10 16:46:54 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
2015-10-10 16:46:54 MANAGEMENT: >STATE:1444484814,ASSIGN_IP,,172.16.1.9,
2015-10-10 16:46:54 /sbin/ifconfig tap0 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2015-10-10 16:46:54 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2015-10-10 16:46:54 /sbin/ifconfig tap0 172.16.1.9 netmask 255.255.255.0 mtu 1500 up
2015-10-10 16:46:54 /Applications/Tunnelblick.app/Contents/Resources/
client.up.tunnelblick.sh -9 -a -d -f -m -w -ptADGNWradsgnw tap0 1500 1574 172.16.1.9 255.255.255.0 init
**********************************************
Configuring tap DNS via OpenVPN
Retrieved from OpenVPN: name server(s) [ 172.16.1.1 172.16.1.1 8.8.8.8 ], domain name [ . ], search domain(s) [ ], and SMB server(s) [ ]
Not aggregating ServerAddresses because running on OS X 10.6 or higher
Setting search domains to '.' because running under OS X 10.6 or higher and the search domains were not set manually and 'Prepend domain name to search domains' was not selected
Saved the DNS and SMB configurations so they can be restored
Changed DNS ServerAddresses setting from '172.23.32.1' to '172.16.1.1 172.16.1.1 8.8.8.8'
Changed DNS SearchDomains setting from '' to '.'
Changed DNS DomainName setting from '' to '.'
Did not change SMB NetBIOSName setting of ''
Did not change SMB Workgroup setting of ''
Did not change SMB WINSAddresses setting of ''
DNS servers '172.16.1.1 172.16.1.1 8.8.8.8' will be used for DNS queries when the VPN is active
NOTE: The DNS servers include one or more free public DNS servers known to Tunnelblick and one or more DNS servers not known to Tunnelblick. If used, the DNS servers not known to Tunnelblick may cause DNS queries to fail or be intercepted or falsified even if they are directed through the VPN. Specify only known public DNS servers or DNS servers located on the VPN network to avoid such problems.
Flushed the DNS cache via dscacheutil
/usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
Notified mDNSResponder that the DNS cache was flushed
Setting up to monitor system configuration with process-network-changes
**********************************************
2015-10-10 16:46:57 MANAGEMENT: >STATE:1444484817,ADD_ROUTES,,,
2015-10-10 16:46:57 /sbin/route add -net 192.168.2.0 172.16.1.1 255.255.255.0
2015-10-10 16:46:57 /sbin/route add -net 50.117.24.96 172.16.1.1 255.255.255.224
2015-10-10 16:46:57 /sbin/route add -net 69.46.91.194 172.16.1.1 255.255.255.255
2015-10-10 16:46:57 /sbin/route add -net 69.46.91.197 172.16.1.1 255.255.255.255
2015-10-10 16:46:57 /sbin/route add -net 70.33.176.0 172.16.1.1 255.255.255.224
2015-10-10 16:46:57 /sbin/route add -net 80.254.60.0 172.16.1.1 255.255.255.240
2015-10-10 16:46:57 Initialization Sequence Completed
2015-10-10 16:46:57 MANAGEMENT: >STATE:1444484817,CONNECTED,SUCCESS,172.16.1.9,w.x.y.z
2015-10-10 16:46:58 *Tunnelblick: No 'connected.sh' script to execute
2015-10-10 16:47:02 *Tunnelblick process-network-changes: A system configuration change was ignored
2015-10-10 16:47:03 *Tunnelblick: This computer's apparent public IP address (95.161.239.97) was unchanged after the connection was made