Reset the primary interface not working
309 views
Skip to first unread message
camero...@gmail.com
May 8, 2016, 6:02:35 AM5/8/16
to tunnelblick-discuss
Hello all,
In recent builds the option to 'reset the primary interface after disconnecting' no longer works for me. I have tested versions 3.6.1, 3.6.3, and 3.6.4beta02 (using the uninstaller and rebooting between versions) and none of them reset the interface upon disconnect. However I did try the 3.5.9 build listed on the site and was able to successfully have it reset the interface upon disconnect, which leads me to believe that this is not just an issue unique to me.
Has anyone else experienced this? I was unable to find any good search results on the issue.
jkbull...gmail.com
May 8, 2016, 6:28:13 AM5/8/16
to tunnelblick-discuss, camero...@gmail.com
Please follow the instructions at Read Before You Post to get the info needed to diagnose problems and then post that info.
In this situation, posting the info obtained from using both 3.5.9 and 3.6.4beta02 would be the best way to do it, so we can see exactly what's changed.
In this situation, posting the info obtained from using both 3.5.9 and 3.6.4beta02 would be the best way to do it, so we can see exactly what's changed.
Cameron
May 8, 2016, 11:28:21 AM5/8/16
to tunnelblick-discuss
Apologies, I meant to attach log files, but was unable to find my post to edit before the mod approved. Here's the logs after I hit the disconnect button (all logs before are fine), it is clear in the 3.6.4beta02 log that the client.down.tunnelblick.sh script does not finish running and stops after 'Restored the DNS and SMB configurations.' I will look into the script to see if I can see anything stands out as to why it might stop. I have obfuscated some of the identifying IP information using 10.x.x.x, 10.x.x.y, and remote_ip_addr.
3.6.4beta02:
2016-05-08 09:56:45 *Tunnelblick: Disconnecting; VPN Details… window disconnect button pressed
2016-05-08 09:56:46 *Tunnelblick: No 'pre-disconnect.sh' script to execute
2016-05-08 09:56:46 *Tunnelblick: Disconnecting using 'kill'
2016-05-08 09:56:46 us=293453 event_wait : Interrupted system call (code=4)
2016-05-08 09:56:46 us=294107 TCP/UDP: Closing socket
2016-05-08 09:56:46 us=294311 /sbin/route delete -net 10.x.x.x 10.x.x.y 255.255.255.255
delete net 10.x.x.x: gateway 10.x.x.y
2016-05-08 09:56:46 us=297601 /sbin/route delete -net remote_ip_addr 192.168.1.1 255.255.255.255
delete net remote_ip_addr: gateway 192.168.1.1
2016-05-08 09:56:46 us=300746 /sbin/route delete -net 0.0.0.0 10.x.x.y 128.0.0.0
delete net 0.0.0.0: gateway 10.x.x.y
2016-05-08 09:56:46 us=303044 /sbin/route delete -net 128.0.0.0 10.x.x.y 128.0.0.0
delete net 128.0.0.0: gateway 10.x.x.y
2016-05-08 09:56:46 us=305257 Closing TUN/TAP interface
2016-05-08 09:56:46 us=305732 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -r -w -ptADGNWradsgnw utun0 1500 1606 10.x.x.x0 10.x.x.y init
**********************************************
Start of output from client.down.tunnelblick.sh
Cancelled monitoring of system configuration changes
Restored the DNS and SMB configurations
2016-05-08 09:56:46 us=442509 SIGTERM[hard,] received, process exiting
2016-05-08 09:56:46 us=442709 MANAGEMENT: >STATE:1462719406,EXITING,SIGTERM,,
2016-05-08 09:56:46 *Tunnelblick: No 'post-disconnect.sh' script to execute
2016-05-08 09:56:46 *Tunnelblick: Expected disconnection occurred.
3.5.9:
2016-05-08 10:14:56 *Tunnelblick: Disconnecting; 'Disconnect' (toggle) menu command invoked
2016-05-08 10:14:56 *Tunnelblick: Disconnecting using 'kill'
2016-05-08 10:14:56 event_wait : Interrupted system call (code=4)
2016-05-08 10:14:56 /sbin/route delete -net 10.x.x.x 10.x.x.y 255.255.255.255
delete net 10.x.x.x: gateway 10.x.x.y
2016-05-08 10:14:56 /sbin/route delete -net remote_ip_addr 192.168.1.1 255.255.255.255
delete net remote_ip_addr: gateway 192.168.1.1
2016-05-08 10:14:56 /sbin/route delete -net 0.0.0.0 10.x.x.y 128.0.0.0
delete net 0.0.0.0: gateway 10.x.x.y
2016-05-08 10:14:56 /sbin/route delete -net 128.0.0.0 10.x.x.y 128.0.0.0
delete net 128.0.0.0: gateway 10.x.x.y
2016-05-08 10:14:56 Closing TUN/TAP interface
2016-05-08 10:14:56 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -d -f -m -r -w -ptADGNWradsgnw utun0 1500 1606 10.x.x.x0 10.x.x.y init
**********************************************
Start of output from client.down.tunnelblick.sh
Cancelled monitoring of system configuration changes
Restored the DNS and SMB configurations
Flushed the DNS cache via dscacheutil
/usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
Notified mDNSResponder that the DNS cache was flushed
Resetting primary interface 'en0' via networksetup -setairportpower en0 off/on...
End of output from client.down.tunnelblick.sh
**********************************************
2016-05-08 10:14:59 SIGTERM[hard,] received, process exiting
2016-05-08 10:14:59 MANAGEMENT: >STATE:1462720499,EXITING,SIGTERM,,
2016-05-08 10:15:01 *Tunnelblick: No 'post-disconnect.sh' script to execute
2016-05-08 10:15:01 *Tunnelblick: Expected disconnection occurred.
jkbull...gmail.com
May 8, 2016, 5:35:14 PM5/8/16
to tunnelblick-discuss, camero...@gmail.com
Thanks, but the reason I ask for the full "diagnostic info" is that it usually provides all the the info needed to diagnose the problem. The little bit of the log that you provided isn't really useful.
If you want help, please post the full info as described in the instructions at Read Before You Post – redacted as you wish, of course.
Cameron
May 8, 2016, 6:39:05 PM5/8/16
to tunnelblick-discuss
Note: The default network adapter is en0 for this system.
Note: I use DNSCrypt so I have manually set the DNS servers to 127.0.0.1
*Tunnelblick: OS X 10.11.4; Tunnelblick 3.6.3 (build 4560); Admin user
git commit de3da06d3f99c6839b7ffc5b18f7b3252a79fa8a
Configuration client
"Sanitized" condensed configuration file for /Users/user/Library/Application Support/Tunnelblick/Configurations/client.tblk:
client
dev tun
auth-user-pass
proto udp
remote remote_ip_addr 1194
resolv-retry infinite
nobind
persist-key
persist-tun
comp-lzo
mute-replay-warnings
ca ca.crt
auth SHA512
cipher AES-256-CBC
verb 3
fragment 1400
mssfix
reneg-sec 0
tun-mtu 1500
tls-version-min 1.2
================================================================================
Non-Apple kexts that are loaded:
Index Refs Address Size Wired Name (Version) UUID <Linked Against>
143 3 0xffffff7f82d4d000 0x63000 0x63000 org.virtualbox.kext.VBoxDrv (5.0.20) 63689CCF-CA21-3900-B5C6-487E41A57997 <7 5 4 3 1>
145 0 0xffffff7f82db0000 0x8000 0x8000 org.virtualbox.kext.VBoxUSB (5.0.20) F158578A-D7B0-3B85-B742-9E7867BCF948 <144 143 39 7 5 4 3 1>
146 0 0xffffff7f82db8000 0x5000 0x5000 org.virtualbox.kext.VBoxNetFlt (5.0.20) FF55D9DF-7F3D-3827-BE31-B319D57BBCF8 <143 7 5 4 3 1>
147 0 0xffffff7f82dbd000 0x6000 0x6000 org.virtualbox.kext.VBoxNetAdp (5.0.20) FEA9836D-EE06-392E-903E-9CDC607668D5 <143 5 4 1>
================================================================================
There are no unusual files in client.tblk
================================================================================
Configuration preferences:
-resetPrimaryInterfaceAfterDisconnect = 1
-routeAllTrafficThroughVpn = 1
-keychainHasUsernameAndPassword = 1
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
-keepConnected = 1
-lastConnectionSucceeded = 1
================================================================================
Wildcard preferences:
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
================================================================================
Program preferences:
placeIconInStandardPositionInStatusBar = 1
launchAtNextLogin = 1
notOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
askedUserIfOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
tunnelblickVersionHistory = (
"3.6.3 (build 4560)"
)
lastLaunchTime = 484438180.898178
showConnectedDurations = 1
connectionWindowDisplayCriteria = showWhenConnecting
maxLogDisplaySize = 102400
lastConnectedDisplayName = client
keyboardShortcutIndex = 1
updateCheckAutomatically = 1
updateSendProfileInfo = 0
tunnelblickdHash = 982f7a7b2b98739801aa88b72712259b30dea31dbe8f2662db447888ff2ff295
tunnelblickdPlistHash = ce400d395d1801b003398461b5420021f4d591822783a04b79b2f43956d28620
NSWindow Frame ConnectingWindow = 514 436 412 297 0 0 1440 877
detailsWindowFrameVersion = 4560
detailsWindowFrame = {{260, 307}, {920, 468}}
detailsWindowLeftFrame = {{0, 0}, {165, 350}}
detailsWindowViewIndex = 0
detailsWindowConfigurationsTabIdentifier = settings
leftNavSelectedDisplayName = client
AdvancedWindowTabIdentifier = vpnCredentials
haveDealtWithSparkle1dot5b6 = 1
haveDealtWithOldTunTapPreferences = 1
haveDealtWithOldLoginItem = 1
SUEnableAutomaticChecks = 1
SUFeedURL = https://www.tunnelblick.net/appcast-s.rss
SUScheduledCheckInterval = 86400
SUSendProfileInfo = 0
SULastCheckTime = 2016-05-08 22:09:40 +0000
SUHasLaunchedBefore = 1
WebKitDefaultFontSize = 16
WebKitStandardFont = Times
================================================================================
Tunnelblick Log:
*Tunnelblick: OS X 10.11.4; Tunnelblick 3.6.3 (build 4560)
2016-05-08 17:11:42 *Tunnelblick: Attempting connection with client using shadow copy; Set nameserver = 769; monitoring connection
2016-05-08 17:11:42 *Tunnelblick: OpenVPNstart start New\ York.tblk 1338 769 0 1 0 1066800 -ptADGNWradsgnw 2.3.10
2016-05-08 17:11:42 *Tunnelblick: OpenVPNstart log:
OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/OpenVPN/OpenVPN-2.3.10/OpenVPN
--daemon
--log
/Library/Application Support/Tunnelblick/Logs/-SUsers-Suser-SLibrary-SApplication Support-STunnelblick-SConfigurations-Sclient.tblk-SContents-SResources-Sconfig.ovpn.769_0_1_0_1066800.1338.OpenVPN.log
--cd
/Library/Application Support/Tunnelblick/Users/user/client.tblk/Contents/Resources
--verb
3
--config
/Library/Application Support/Tunnelblick/Users/user/client.tblk/Contents/Resources/config.ovpn
--verb
3
--cd
/Library/Application Support/Tunnelblick/Users/user/client.tblk/Contents/Resources
--management
127.0.0.1
1338
--management-query-passwords
--management-hold
--redirect-gateway
def1
--script-security
2
--up
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -r -w -ptADGNWradsgnw
--down
Note: I use DNSCrypt so I have manually set the DNS servers to 127.0.0.1
*Tunnelblick: OS X 10.11.4; Tunnelblick 3.6.3 (build 4560); Admin user
git commit de3da06d3f99c6839b7ffc5b18f7b3252a79fa8a
Configuration client
"Sanitized" condensed configuration file for /Users/user/Library/Application Support/Tunnelblick/Configurations/client.tblk:
client
dev tun
auth-user-pass
proto udp
remote remote_ip_addr 1194
resolv-retry infinite
nobind
persist-key
persist-tun
comp-lzo
mute-replay-warnings
ca ca.crt
auth SHA512
cipher AES-256-CBC
verb 3
fragment 1400
mssfix
reneg-sec 0
tun-mtu 1500
tls-version-min 1.2
================================================================================
Non-Apple kexts that are loaded:
Index Refs Address Size Wired Name (Version) UUID <Linked Against>
143 3 0xffffff7f82d4d000 0x63000 0x63000 org.virtualbox.kext.VBoxDrv (5.0.20) 63689CCF-CA21-3900-B5C6-487E41A57997 <7 5 4 3 1>
145 0 0xffffff7f82db0000 0x8000 0x8000 org.virtualbox.kext.VBoxUSB (5.0.20) F158578A-D7B0-3B85-B742-9E7867BCF948 <144 143 39 7 5 4 3 1>
146 0 0xffffff7f82db8000 0x5000 0x5000 org.virtualbox.kext.VBoxNetFlt (5.0.20) FF55D9DF-7F3D-3827-BE31-B319D57BBCF8 <143 7 5 4 3 1>
147 0 0xffffff7f82dbd000 0x6000 0x6000 org.virtualbox.kext.VBoxNetAdp (5.0.20) FEA9836D-EE06-392E-903E-9CDC607668D5 <143 5 4 1>
================================================================================
There are no unusual files in client.tblk
================================================================================
Configuration preferences:
-resetPrimaryInterfaceAfterDisconnect = 1
-routeAllTrafficThroughVpn = 1
-keychainHasUsernameAndPassword = 1
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
-keepConnected = 1
-lastConnectionSucceeded = 1
================================================================================
Wildcard preferences:
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
================================================================================
Program preferences:
placeIconInStandardPositionInStatusBar = 1
launchAtNextLogin = 1
notOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
askedUserIfOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
tunnelblickVersionHistory = (
"3.6.3 (build 4560)"
)
lastLaunchTime = 484438180.898178
showConnectedDurations = 1
connectionWindowDisplayCriteria = showWhenConnecting
maxLogDisplaySize = 102400
lastConnectedDisplayName = client
keyboardShortcutIndex = 1
updateCheckAutomatically = 1
updateSendProfileInfo = 0
tunnelblickdHash = 982f7a7b2b98739801aa88b72712259b30dea31dbe8f2662db447888ff2ff295
tunnelblickdPlistHash = ce400d395d1801b003398461b5420021f4d591822783a04b79b2f43956d28620
NSWindow Frame ConnectingWindow = 514 436 412 297 0 0 1440 877
detailsWindowFrameVersion = 4560
detailsWindowFrame = {{260, 307}, {920, 468}}
detailsWindowLeftFrame = {{0, 0}, {165, 350}}
detailsWindowViewIndex = 0
detailsWindowConfigurationsTabIdentifier = settings
leftNavSelectedDisplayName = client
AdvancedWindowTabIdentifier = vpnCredentials
haveDealtWithSparkle1dot5b6 = 1
haveDealtWithOldTunTapPreferences = 1
haveDealtWithOldLoginItem = 1
SUEnableAutomaticChecks = 1
SUFeedURL = https://www.tunnelblick.net/appcast-s.rss
SUScheduledCheckInterval = 86400
SUSendProfileInfo = 0
SULastCheckTime = 2016-05-08 22:09:40 +0000
SUHasLaunchedBefore = 1
WebKitDefaultFontSize = 16
WebKitStandardFont = Times
================================================================================
Tunnelblick Log:
*Tunnelblick: OS X 10.11.4; Tunnelblick 3.6.3 (build 4560)
2016-05-08 17:11:42 *Tunnelblick: Attempting connection with client using shadow copy; Set nameserver = 769; monitoring connection
2016-05-08 17:11:42 *Tunnelblick: OpenVPNstart start New\ York.tblk 1338 769 0 1 0 1066800 -ptADGNWradsgnw 2.3.10
2016-05-08 17:11:42 *Tunnelblick: OpenVPNstart log:
OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/OpenVPN/OpenVPN-2.3.10/OpenVPN
--daemon
--log
/Library/Application Support/Tunnelblick/Logs/-SUsers-Suser-SLibrary-SApplication Support-STunnelblick-SConfigurations-Sclient.tblk-SContents-SResources-Sconfig.ovpn.769_0_1_0_1066800.1338.OpenVPN.log
--cd
/Library/Application Support/Tunnelblick/Users/user/client.tblk/Contents/Resources
--verb
3
--config
/Library/Application Support/Tunnelblick/Users/user/client.tblk/Contents/Resources/config.ovpn
--verb
3
--cd
/Library/Application Support/Tunnelblick/Users/user/client.tblk/Contents/Resources
--management
127.0.0.1
1338
--management-query-passwords
--management-hold
--redirect-gateway
def1
--script-security
2
--up
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -r -w -ptADGNWradsgnw
--down
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -r -w -ptADGNWradsgnw
Retrieved from OpenVPN: name server(s) [ 8.8.8.8 8.8.4.4 ], search domain(s) [ ] and SMB server(s) [ ] and using default domain name [ OpenVPN ]
WARNING: Ignoring ServerAddresses '8.8.8.8 8.8.4.4' because ServerAddresses was set manually
Setting search domains to 'OpenVPN' because running under OS X 10.6 or higher and the search domains were not set manually and 'Prepend domain name to search domains' was not selected
Saved the DNS and SMB configurations so they can be restored
Did not change DNS ServerAddresses setting of '127.0.0.1' (but re-set it)
Changed DNS SearchDomains setting from '' to 'OpenVPN'
Changed DNS DomainName setting from '' to 'OpenVPN'
Did not change SMB NetBIOSName setting of ''
Did not change SMB Workgroup setting of ''
Did not change SMB WINSAddresses setting of ''
DNS servers '127.0.0.1' were set manually
DNS servers '127.0.0.1' will be used for DNS queries when the VPN is active
NOTE: DNS server 127.0.0.1 often is used inside virtual machines (e.g., 'VirtualBox', 'Parallels', or 'VMWare'). The actual VPN server may be specified by the host machine. This DNS server setting may cause DNS queries to fail or be intercepted or falsified. Specify only known public DNS servers or DNS servers located on the VPN network to avoid such problems.
WARNING: Ignoring ServerAddresses '8.8.8.8 8.8.4.4' because ServerAddresses was set manually
Setting search domains to 'OpenVPN' because running under OS X 10.6 or higher and the search domains were not set manually and 'Prepend domain name to search domains' was not selected
Saved the DNS and SMB configurations so they can be restored
Did not change DNS ServerAddresses setting of '127.0.0.1' (but re-set it)
Changed DNS SearchDomains setting from '' to 'OpenVPN'
Changed DNS DomainName setting from '' to 'OpenVPN'
Did not change SMB NetBIOSName setting of ''
Did not change SMB Workgroup setting of ''
Did not change SMB WINSAddresses setting of ''
DNS servers '127.0.0.1' were set manually
DNS servers '127.0.0.1' will be used for DNS queries when the VPN is active
NOTE: DNS server 127.0.0.1 often is used inside virtual machines (e.g., 'VirtualBox', 'Parallels', or 'VMWare'). The actual VPN server may be specified by the host machine. This DNS server setting may cause DNS queries to fail or be intercepted or falsified. Specify only known public DNS servers or DNS servers located on the VPN network to avoid such problems.
Flushed the DNS cache via dscacheutil
/usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
Notified mDNSResponder that the DNS cache was flushed
Setting up to monitor system configuration with process-network-changes
End of output from client.up.tunnelblick.sh
**********************************************
2016-05-08 17:11:42 *Tunnelblick: Established communication with OpenVPN
2016-05-08 17:11:42 OpenVPN 2.3.10 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [PKCS11] [MH] [IPv6] built on May 3 2016
2016-05-08 17:11:42 library versions: OpenSSL 1.0.2h 3 May 2016, LZO 2.09
2016-05-08 17:11:42 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1338
2016-05-08 17:11:42 Need hold release from management interface, waiting...
2016-05-08 17:11:42 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1338
2016-05-08 17:11:42 MANAGEMENT: CMD 'pid'
2016-05-08 17:11:42 MANAGEMENT: CMD 'state on'
2016-05-08 17:11:42 MANAGEMENT: CMD 'state'
2016-05-08 17:11:42 MANAGEMENT: CMD 'bytecount 1'
2016-05-08 17:11:42 MANAGEMENT: CMD 'hold release'
2016-05-08 17:11:42 *Tunnelblick: OpenVPNstart starting OpenVPN
2016-05-08 17:11:50 MANAGEMENT: CMD 'username "Auth" "username"'
2016-05-08 17:11:50 MANAGEMENT: CMD 'password [...]'
2016-05-08 17:11:50 WARNING: No server certificate verification method has been enabled. See http://OpenVPN.net/howto.html#mitm for more info.
2016-05-08 17:11:50 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2016-05-08 17:11:50 Socket Buffers: R=[196724->196724] S=[9216->9216]
2016-05-08 17:11:50 UDPv4 link local: [undef]
2016-05-08 17:11:50 UDPv4 link remote: [AF_INET]remote_ip_addr:1194
2016-05-08 17:11:50 MANAGEMENT: >STATE:1462745510,WAIT,,,
2016-05-08 17:11:50 MANAGEMENT: >STATE:1462745510,AUTH,,,
2016-05-08 17:11:50 TLS: Initial packet from [AF_INET]remote_ip_addr:1194, sid=59f0e32a e3bfb3a5
2016-05-08 17:11:50 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2016-05-08 17:11:51 VERIFY OK: depth=1, CA_INFO
2016-05-08 17:11:51 VERIFY OK: depth=0, CA_INFO
2016-05-08 17:11:51 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
2016-05-08 17:11:51 Data Channel Encrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
2016-05-08 17:11:51 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
2016-05-08 17:11:51 Data Channel Decrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
2016-05-08 17:11:51 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
2016-05-08 17:11:51 [server] Peer Connection Initiated with [AF_INET]remote_ip_addr:1194
2016-05-08 17:11:52 MANAGEMENT: >STATE:1462745512,GET_CONFIG,,,
2016-05-08 17:11:53 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2016-05-08 17:11:53 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route 10.x.x.y,topology net30,ping 10,ping-restart 120,ifconfig 10.x.x.z 10.x.x.x'
2016-05-08 17:11:53 OPTIONS IMPORT: timers and/or timeouts modified
2016-05-08 17:11:53 OPTIONS IMPORT: --ifconfig/up options modified
2016-05-08 17:11:53 OPTIONS IMPORT: route options modified
2016-05-08 17:11:53 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2016-05-08 17:11:53 Opened utun device utun0
2016-05-08 17:11:53 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
2016-05-08 17:11:53 MANAGEMENT: >STATE:1462745513,ASSIGN_IP,,10.x.x.z,
2016-05-08 17:11:53 /sbin/ifconfig utun0 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2016-05-08 17:11:53 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2016-05-08 17:11:53 /sbin/ifconfig utun0 10.x.x.z 10.x.x.x mtu 1500 netmask 255.255.255.255 up
2016-05-08 17:11:53 /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -r -w -ptADGNWradsgnw utun0 1500 1606 10.x.x.z 10.x.x.x init
**********************************************
Start of output from client.up.tunnelblick.sh
2016-05-08 17:11:57 *Tunnelblick: No 'connected.sh' script to execute
2016-05-08 17:11:57 /sbin/route add -net remote_ip_addr 192.168.1.1 255.255.255.255
add net remote_ip_addr: gateway 192.168.1.1
2016-05-08 17:11:57 /sbin/route add -net 0.0.0.0 10.x.x.x 128.0.0.0
add net 0.0.0.0: gateway 10.x.x.x
2016-05-08 17:11:57 /sbin/route add -net 128.0.0.0 10.x.x.x 128.0.0.0
add net 128.0.0.0: gateway 10.x.x.x
2016-05-08 17:11:57 MANAGEMENT: >STATE:1462745517,ADD_ROUTES,,,
2016-05-08 17:11:57 /sbin/route add -net 10.x.x.y 10.x.x.x 255.255.255.255
add net 10.x.x.y: gateway 10.x.x.x
2016-05-08 17:11:57 Initialization Sequence Completed
2016-05-08 17:11:57 MANAGEMENT: >STATE:1462745517,CONNECTED,SUCCESS,10.x.x.z,remote_ip_addr
2016-05-08 17:12:02 *Tunnelblick process-network-changes: A system configuration change was ignored
2016-05-08 17:12:05 *Tunnelblick: Disconnecting; VPN Details… window disconnect button pressed
2016-05-08 17:12:05 *Tunnelblick: No 'pre-disconnect.sh' script to execute
2016-05-08 17:12:05 *Tunnelblick: Disconnecting using 'kill'
2016-05-08 17:12:05 event_wait : Interrupted system call (code=4)
2016-05-08 17:12:05 /sbin/route delete -net 10.x.x.y 10.x.x.x 255.255.255.255
delete net 10.x.x.y: gateway 10.x.x.x
2016-05-08 17:12:05 /sbin/route delete -net remote_ip_addr 192.168.1.1 255.255.255.255
End of output from client.up.tunnelblick.sh
**********************************************
2016-05-08 17:11:42 *Tunnelblick: Established communication with OpenVPN
2016-05-08 17:11:42 OpenVPN 2.3.10 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [PKCS11] [MH] [IPv6] built on May 3 2016
2016-05-08 17:11:42 library versions: OpenSSL 1.0.2h 3 May 2016, LZO 2.09
2016-05-08 17:11:42 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1338
2016-05-08 17:11:42 Need hold release from management interface, waiting...
2016-05-08 17:11:42 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1338
2016-05-08 17:11:42 MANAGEMENT: CMD 'pid'
2016-05-08 17:11:42 MANAGEMENT: CMD 'state on'
2016-05-08 17:11:42 MANAGEMENT: CMD 'state'
2016-05-08 17:11:42 MANAGEMENT: CMD 'bytecount 1'
2016-05-08 17:11:42 MANAGEMENT: CMD 'hold release'
2016-05-08 17:11:42 *Tunnelblick: OpenVPNstart starting OpenVPN
2016-05-08 17:11:50 MANAGEMENT: CMD 'username "Auth" "username"'
2016-05-08 17:11:50 MANAGEMENT: CMD 'password [...]'
2016-05-08 17:11:50 WARNING: No server certificate verification method has been enabled. See http://OpenVPN.net/howto.html#mitm for more info.
2016-05-08 17:11:50 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2016-05-08 17:11:50 Socket Buffers: R=[196724->196724] S=[9216->9216]
2016-05-08 17:11:50 UDPv4 link local: [undef]
2016-05-08 17:11:50 UDPv4 link remote: [AF_INET]remote_ip_addr:1194
2016-05-08 17:11:50 MANAGEMENT: >STATE:1462745510,WAIT,,,
2016-05-08 17:11:50 MANAGEMENT: >STATE:1462745510,AUTH,,,
2016-05-08 17:11:50 TLS: Initial packet from [AF_INET]remote_ip_addr:1194, sid=59f0e32a e3bfb3a5
2016-05-08 17:11:50 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2016-05-08 17:11:51 VERIFY OK: depth=1, CA_INFO
2016-05-08 17:11:51 VERIFY OK: depth=0, CA_INFO
2016-05-08 17:11:51 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
2016-05-08 17:11:51 Data Channel Encrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
2016-05-08 17:11:51 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
2016-05-08 17:11:51 Data Channel Decrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
2016-05-08 17:11:51 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
2016-05-08 17:11:51 [server] Peer Connection Initiated with [AF_INET]remote_ip_addr:1194
2016-05-08 17:11:52 MANAGEMENT: >STATE:1462745512,GET_CONFIG,,,
2016-05-08 17:11:53 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2016-05-08 17:11:53 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route 10.x.x.y,topology net30,ping 10,ping-restart 120,ifconfig 10.x.x.z 10.x.x.x'
2016-05-08 17:11:53 OPTIONS IMPORT: timers and/or timeouts modified
2016-05-08 17:11:53 OPTIONS IMPORT: --ifconfig/up options modified
2016-05-08 17:11:53 OPTIONS IMPORT: route options modified
2016-05-08 17:11:53 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2016-05-08 17:11:53 Opened utun device utun0
2016-05-08 17:11:53 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
2016-05-08 17:11:53 MANAGEMENT: >STATE:1462745513,ASSIGN_IP,,10.x.x.z,
2016-05-08 17:11:53 /sbin/ifconfig utun0 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2016-05-08 17:11:53 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2016-05-08 17:11:53 /sbin/ifconfig utun0 10.x.x.z 10.x.x.x mtu 1500 netmask 255.255.255.255 up
2016-05-08 17:11:53 /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -r -w -ptADGNWradsgnw utun0 1500 1606 10.x.x.z 10.x.x.x init
**********************************************
Start of output from client.up.tunnelblick.sh
2016-05-08 17:11:57 *Tunnelblick: No 'connected.sh' script to execute
2016-05-08 17:11:57 /sbin/route add -net remote_ip_addr 192.168.1.1 255.255.255.255
add net remote_ip_addr: gateway 192.168.1.1
2016-05-08 17:11:57 /sbin/route add -net 0.0.0.0 10.x.x.x 128.0.0.0
add net 0.0.0.0: gateway 10.x.x.x
2016-05-08 17:11:57 /sbin/route add -net 128.0.0.0 10.x.x.x 128.0.0.0
add net 128.0.0.0: gateway 10.x.x.x
2016-05-08 17:11:57 MANAGEMENT: >STATE:1462745517,ADD_ROUTES,,,
2016-05-08 17:11:57 /sbin/route add -net 10.x.x.y 10.x.x.x 255.255.255.255
add net 10.x.x.y: gateway 10.x.x.x
2016-05-08 17:11:57 Initialization Sequence Completed
2016-05-08 17:11:57 MANAGEMENT: >STATE:1462745517,CONNECTED,SUCCESS,10.x.x.z,remote_ip_addr
2016-05-08 17:12:02 *Tunnelblick process-network-changes: A system configuration change was ignored
2016-05-08 17:12:05 *Tunnelblick: Disconnecting; VPN Details… window disconnect button pressed
2016-05-08 17:12:05 *Tunnelblick: No 'pre-disconnect.sh' script to execute
2016-05-08 17:12:05 *Tunnelblick: Disconnecting using 'kill'
2016-05-08 17:12:05 event_wait : Interrupted system call (code=4)
2016-05-08 17:12:05 /sbin/route delete -net 10.x.x.y 10.x.x.x 255.255.255.255
delete net 10.x.x.y: gateway 10.x.x.x
2016-05-08 17:12:05 /sbin/route delete -net remote_ip_addr 192.168.1.1 255.255.255.255
delete net remote_ip_addr: gateway 192.168.1.1
2016-05-08 17:12:05 /sbin/route delete -net 0.0.0.0 10.x.x.x 128.0.0.0
delete net 0.0.0.0: gateway 10.x.x.x
2016-05-08 17:12:05 /sbin/route delete -net 128.0.0.0 10.x.x.x 128.0.0.0
delete net 128.0.0.0: gateway 10.x.x.x
2016-05-08 17:12:05 Closing TUN/TAP interface
2016-05-08 17:12:05 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -r -w -ptADGNWradsgnw utun0 1500 1606 10.x.x.z 10.x.x.x init
delete net 0.0.0.0: gateway 10.x.x.x
2016-05-08 17:12:05 /sbin/route delete -net 128.0.0.0 10.x.x.x 128.0.0.0
delete net 128.0.0.0: gateway 10.x.x.x
2016-05-08 17:12:05 Closing TUN/TAP interface
2016-05-08 17:12:05 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -r -w -ptADGNWradsgnw utun0 1500 1606 10.x.x.z 10.x.x.x init
**********************************************
Start of output from client.down.tunnelblick.sh
Cancelled monitoring of system configuration changes
Restored the DNS and SMB configurations
2016-05-08 17:12:06 SIGTERM[hard,] received, process exiting
2016-05-08 17:12:06 MANAGEMENT: >STATE:1462745526,EXITING,SIGTERM,,
2016-05-08 17:12:06 *Tunnelblick: No 'post-disconnect.sh' script to execute
2016-05-08 17:12:06 *Tunnelblick: Expected disconnection occurred.
================================================================================
"Sanitized" full configuration file
client
dev tun
auth-user-pass
proto udp
remote remote_ip_addr 1194
resolv-retry infinite
nobind
persist-key
persist-tun
comp-lzo
mute-replay-warnings
ca ca.crt
auth SHA512
cipher AES-256-CBC
verb 3
fragment 1400
mssfix
reneg-sec 0
tun-mtu 1500
tls-version-min 1.2
================================================================================
ifconfig output:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=3<RXCSUM,TXCSUM>
inet6 ::1 prefixlen 128
inet 127.0.0.1 netmask 0xff000000
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
nd6 options=1<PERFORMNUD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether MAC_HIDDEN
inet 192.168.x.x netmask 0xffffff00 broadcast 192.168.1.255
media: autoselect
status: active
en1: flags=963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX> mtu 1500
options=60<TSO4,TSO6>
ether MAC_HIDDEN
media: autoselect <full-duplex>
status: inactive
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
ether MAC_HIDDEN
media: autoselect
status: inactive
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1484
ether MAC_HIDDEN
inet6 ADDR_HIDDEN %awdl0 prefixlen 64 scopeid 0x7
nd6 options=1<PERFORMNUD>
media: autoselect
status: active
bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=63<RXCSUM,TXCSUM,TSO4,TSO6>
ether MAC_HIDDEN
Configuration:
id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
ipfilter disabled flags 0x2
member: en1 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 5 priority 0 path cost 0
media: <unknown type>
status: inactive
================================================================================
Console Log:
2016-05-08 17:09:40 Tunnelblick[808] Tunnelblick: OS X 10.11.4; Tunnelblick 3.6.3 (build 4560)
2016-05-08 17:09:40 Tunnelblick[808] Set the new '*-notOKToCheckThatIPAddressDidNotChangeAfterConnection' preference from the 'notOKToCheckThatIPAddressDidNotChangeAfterConnection' preference
2016-05-08 17:09:40 Tunnelblick[808] Set program update feedURL to https://www.tunnelblick.net/appcast-s.rss
2016-05-08 17:11:22 Tunnelblick[808] Converting/Installing /Users/user/Desktop/tunneblick-backup/Configurations/client.tblk/Contents/Resources/config.ovpn: One or more CR characters have been removed or replaced with LF characters
2016-05-08 17:11:22 Tunnelblick[808] Converting/Installing /Users/user/Desktop/tunneblick-backup/Configurations/client.tblk/Contents/Resources/config.ovpn: One or more CR characters have been removed or replaced with LF characters
2016-05-08 17:11:22 Tunnelblick[808] Converting/Installing /Users/user/Desktop/tunneblick-backup/Configurations/client.tblk/Contents/Resources/config.ovpn at line 19: Copied ca.crt
2016-05-08 17:11:22 Tunnelblick[808] Changed permissions from 644 to 740 on /private/var/folders/3k/v9lnccln1haB61v81blzitr0000gn/T/Tunnelblick-N6dPCn/client.tblk/Contents/Resources/ca.crt
2016-05-08 17:11:22 Tunnelblick[808] Converting/Installing /Users/user/Desktop/tunneblick-backup/Configurations/client.tblk/Contents/Resources/config.ovpn: Converted OpenVPN configuration
2016-05-08 17:11:28 Tunnelblick[808] localNameFromDisplayName: 'client' is not a known displayName
2016-05-08 17:11:28 Tunnelblick[808] Beginning installation or repair
2016-05-08 17:11:28 authexec[946] executing /Applications/Tunnelblick.app/Contents/Resources/installer
2016-05-08 17:11:28 Tunnelblick[808] Installation or repair succeeded; Log:
Tunnelblick installer started 2016-05-08 17:11:28. 3 arguments: 0x0001
/Users/user/Library/Application Support/Tunnelblick/Configurations/client.tblk
/private/var/folders/3k/v9tncc1n1hn861vhzblzjttr0000gn/T/Tunnelblick-N6dPCn/client.tblk
Copied /private/var/folders/3k/v9tncc1n1hn861vhzblzjttr0000gn/T/Tunnelblick-N6dPCn/client.tblk
to /Users/user/Library/Application Support/Tunnelblick/Configurations/client.tblk.temp
Renamed /Users/user/Library/Application Support/Tunnelblick/Configurations/client.tblk.temp
to /Users/user/Library/Application Support/Tunnelblick/Configurations/client.tblk
Changed ownership of /Users/user/Library/Application Support/Tunnelblick/Configurations/client.tblk and its contents from 501:20 to 501:80
Copied /Users/user/Library/Application Support/Tunnelblick/Configurations/client.tblk
to /Library/Application Support/Tunnelblick/Users/user/client.tblk.temp
Renamed /Library/Application Support/Tunnelblick/Users/user/client.tblk.temp
to /Library/Application Support/Tunnelblick/Users/user/client.tblk
Changed ownership of /Library/Application Support/Tunnelblick/Users/user/client.tblk and its contents from 501:80 to 0:0
Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/user/client.tblk
Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/user/client.tblk/Contents
Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/user/client.tblk/Contents/Resources
Changed permissions from 740 to 700 on /Library/Application Support/Tunnelblick/Users/user/client.tblk/Contents/Resources/config.ovpn
Changed permissions from 740 to 700 on /Library/Application Support/Tunnelblick/Users/user/client.tblk/Contents/Resources/ca.crt
Created secure (shadow) copy of client.tblk
Tunnelblick installer finished without error
2016-05-08 17:12:06 MANAGEMENT: >STATE:1462745526,EXITING,SIGTERM,,
2016-05-08 17:12:06 *Tunnelblick: No 'post-disconnect.sh' script to execute
2016-05-08 17:12:06 *Tunnelblick: Expected disconnection occurred.
================================================================================
"Sanitized" full configuration file
client
dev tun
auth-user-pass
proto udp
remote remote_ip_addr 1194
resolv-retry infinite
nobind
persist-key
persist-tun
comp-lzo
mute-replay-warnings
ca ca.crt
auth SHA512
cipher AES-256-CBC
verb 3
fragment 1400
mssfix
reneg-sec 0
tun-mtu 1500
tls-version-min 1.2
================================================================================
ifconfig output:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=3<RXCSUM,TXCSUM>
inet6 ::1 prefixlen 128
inet 127.0.0.1 netmask 0xff000000
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
nd6 options=1<PERFORMNUD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether MAC_HIDDEN
inet 192.168.x.x netmask 0xffffff00 broadcast 192.168.1.255
media: autoselect
status: active
en1: flags=963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX> mtu 1500
options=60<TSO4,TSO6>
ether MAC_HIDDEN
media: autoselect <full-duplex>
status: inactive
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
ether MAC_HIDDEN
media: autoselect
status: inactive
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1484
ether MAC_HIDDEN
inet6 ADDR_HIDDEN %awdl0 prefixlen 64 scopeid 0x7
nd6 options=1<PERFORMNUD>
media: autoselect
status: active
bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=63<RXCSUM,TXCSUM,TSO4,TSO6>
ether MAC_HIDDEN
Configuration:
id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
ipfilter disabled flags 0x2
member: en1 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 5 priority 0 path cost 0
media: <unknown type>
status: inactive
================================================================================
Console Log:
2016-05-08 17:09:40 Tunnelblick[808] Tunnelblick: OS X 10.11.4; Tunnelblick 3.6.3 (build 4560)
2016-05-08 17:09:40 Tunnelblick[808] Set the new '*-notOKToCheckThatIPAddressDidNotChangeAfterConnection' preference from the 'notOKToCheckThatIPAddressDidNotChangeAfterConnection' preference
2016-05-08 17:09:40 Tunnelblick[808] Set program update feedURL to https://www.tunnelblick.net/appcast-s.rss
2016-05-08 17:11:22 Tunnelblick[808] Converting/Installing /Users/user/Desktop/tunneblick-backup/Configurations/client.tblk/Contents/Resources/config.ovpn: One or more CR characters have been removed or replaced with LF characters
2016-05-08 17:11:22 Tunnelblick[808] Converting/Installing /Users/user/Desktop/tunneblick-backup/Configurations/client.tblk/Contents/Resources/config.ovpn: One or more CR characters have been removed or replaced with LF characters
2016-05-08 17:11:22 Tunnelblick[808] Converting/Installing /Users/user/Desktop/tunneblick-backup/Configurations/client.tblk/Contents/Resources/config.ovpn at line 19: Copied ca.crt
2016-05-08 17:11:22 Tunnelblick[808] Changed permissions from 644 to 740 on /private/var/folders/3k/v9lnccln1haB61v81blzitr0000gn/T/Tunnelblick-N6dPCn/client.tblk/Contents/Resources/ca.crt
2016-05-08 17:11:22 Tunnelblick[808] Converting/Installing /Users/user/Desktop/tunneblick-backup/Configurations/client.tblk/Contents/Resources/config.ovpn: Converted OpenVPN configuration
2016-05-08 17:11:28 Tunnelblick[808] localNameFromDisplayName: 'client' is not a known displayName
2016-05-08 17:11:28 Tunnelblick[808] Beginning installation or repair
2016-05-08 17:11:28 authexec[946] executing /Applications/Tunnelblick.app/Contents/Resources/installer
2016-05-08 17:11:28 Tunnelblick[808] Installation or repair succeeded; Log:
Tunnelblick installer started 2016-05-08 17:11:28. 3 arguments: 0x0001
/Users/user/Library/Application Support/Tunnelblick/Configurations/client.tblk
/private/var/folders/3k/v9tncc1n1hn861vhzblzjttr0000gn/T/Tunnelblick-N6dPCn/client.tblk
Copied /private/var/folders/3k/v9tncc1n1hn861vhzblzjttr0000gn/T/Tunnelblick-N6dPCn/client.tblk
to /Users/user/Library/Application Support/Tunnelblick/Configurations/client.tblk.temp
Renamed /Users/user/Library/Application Support/Tunnelblick/Configurations/client.tblk.temp
to /Users/user/Library/Application Support/Tunnelblick/Configurations/client.tblk
Changed ownership of /Users/user/Library/Application Support/Tunnelblick/Configurations/client.tblk and its contents from 501:20 to 501:80
Copied /Users/user/Library/Application Support/Tunnelblick/Configurations/client.tblk
to /Library/Application Support/Tunnelblick/Users/user/client.tblk.temp
Renamed /Library/Application Support/Tunnelblick/Users/user/client.tblk.temp
to /Library/Application Support/Tunnelblick/Users/user/client.tblk
Changed ownership of /Library/Application Support/Tunnelblick/Users/user/client.tblk and its contents from 501:80 to 0:0
Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/user/client.tblk
Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/user/client.tblk/Contents
Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/user/client.tblk/Contents/Resources
Changed permissions from 740 to 700 on /Library/Application Support/Tunnelblick/Users/user/client.tblk/Contents/Resources/config.ovpn
Changed permissions from 740 to 700 on /Library/Application Support/Tunnelblick/Users/user/client.tblk/Contents/Resources/ca.crt
Created secure (shadow) copy of client.tblk
Tunnelblick installer finished without error
jkbull...gmail.com
May 8, 2016, 7:13:43 PM5/8/16
to tunnelblick-discuss, camero...@gmail.com
Thanks. I think I see the problem.
I have attached a modified version of the standard "client.down.tunnelblick.sh" script (which is built into Tunnelblick), renamed to "down.sh". Copy the file into the
/Users/user/Library/Application Support/Tunnelblick/Configurations/client.tblk/Contents/Resources
folder, then try to connect the "client" configuration using Tunnelblick 3.6.3. Tunnelblick will use the file instead of its standard "down" script.
If it works, go ahead and use that until I make a new release with the fix.
If it still doesn't work, please post the contents of "/tmp/tunnelblick-down-script-log.txt" after trying ONE connect/disconnect cycle.
Good luck!
What changes are in the file
The file has a change to one line that may fix the problem, and a change to another line that will log additional info to "/tmp/tunnelblick-down-script-log.txt".
Here is a "diff -u" from the current file to the modified version:
@@ -21,7 +21,7 @@
# @param String message - The message to log
logDebugMessage()
{
- echo "${@}" > /dev/null
+ echo "${@}" >> /tmp/tunnelblick-down-script-log.txt
}
trim()
@@ -40,7 +40,7 @@
# This routine outputs log messages describing its activities.
if [ "$1" = "" ] ; then
- exit
+ return
fi
printf %s "$1
On Sunday, May 8, 2016 at 6:39:05 PM UTC-4, Cameron wrote:
Note: The default network adapter is en0 for this system.
Note: I use DNSCrypt so I have manually set the DNS servers to 127.0.0.1
*Tunnelblick: OS X 10.11.4; Tunnelblick 3.6.3 (build 4560); Admin user
git commit de3da06d3f99c6839b7ffc5b18f7b3252a79fa8a
<snip>
jkbull...gmail.com
May 8, 2016, 7:17:38 PM5/8/16
to tunnelblick-discuss, camero...@gmail.com
Oops, sorry for the typo:
On Sunday, May 8, 2016 at 7:13:43 PM UTC-4, jkbull...gmail.com wrote:
I have attached a modified version of the standard "client.down.tunnelblick.sh" script (which is built into Tunnelblick), renamed to "down.sh".
Actually, it is named to "down.tunnelblick.sh"; that is the name it needs to have when it is put inside the ".tblk".
Also, note that you will need to enter your computer admin username/password when you try to connect, because the configuration changed (when you added the file).
Cameron
May 8, 2016, 7:25:58 PM5/8/16
to tunnelblick-discuss
Works as intended. Below is the log tail showing the completion of the script.
Thanks for the help!
2016-05-08 18:19:53 /Library/Application Support/Tunnelblick/Users/user/client.tblk/Contents/Resources/down.tunnelblick.sh -9 -d -f -m -r -w -ptADGNWradsgnw utun0 1500 1606 10.x.x.x 10.x.x.y init
**********************************************
Start of output from down.tunnelblick.sh
Cancelled monitoring of system configuration changes
Restored the DNS and SMB configurations
Flushed the DNS cache via dscacheutil
/usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
Notified mDNSResponder that the DNS cache was flushed
Resetting primary interface 'en0' via networksetup -setairportpower en0 off/on...
End of output from down.tunnelblick.sh
**********************************************
2016-05-08 18:19:56 SIGTERM[hard,] received, process exiting
2016-05-08 18:19:56 MANAGEMENT: >STATE:1462749596,EXITING,SIGTERM,,
2016-05-08 18:19:57 *Tunnelblick: No 'post-disconnect.sh' script to execute
2016-05-08 18:19:57 *Tunnelblick: Expected disconnection occurred.
jkbull...gmail.com
May 8, 2016, 7:31:22 PM5/8/16
to tunnelblick-discuss
Great. Thanks for letting us know. This will be fixed in the next release.
If you have other configurations, you should copy the file into them, too (into the ...tblk/Contents/Resources/ folder of each one).
When you update Tunnelblick with a release that fixes the problem, you should remove the file(s) from the configuration(s).
Thanks again for reporting this problem and providing the info and testing needed to fix it.
jkbull...gmail.com
May 9, 2016, 8:19:46 AM5/9/16
to tunnelblick-discuss, camero...@gmail.com
Tunnelblick 3.6.4beta04 includes a fix for this problem. It is available on the Downloads page and as an update.
On Sunday, May 8, 2016 at 6:02:35 AM UTC-4, Cameron wrote:
Reply all
Reply to author
Forward
0 new messages