VPN connects successfully.
After VPN is connected, all DNS queries work fine using "nslookup", "dig" or "host".
However other programs like "ping", "safari", "ssh", etc. may not resolve any hostname any more, except those already cached before Tunnelblick started.
The name server associated with the VPN is 172.31.255.222.
It is set correctly (at 9:12:18 in the details below).
At this point of time DNS resolution is not working any more (as explained above)
The following behavior shown in the log below is not visible all the time. It may be triggered by some external event in the "Allianz" network I'm connected to at the moment. I've not seen it, when the WLAN was connected to other networks:
Approximatly 2 minutes after VPN establishment, Tunnelblick tries to revert the DNS setting to the pre-VPN values.
Though in the log this is shown on success, /etc/resolv.conf still shows VPN values and at this point of time suddenly DNS resolution starts to be functional (including all VPN hosts).
It seems, that Tunnelblick 3.7.5a is not able to update the MacOS resolver on High sierra 10.13.4 correctly.
However, when trying to revert the DNS settings, this suddenly succeeds.
The problem appeared first when then latest MacOS update (10.13.4) was applied (2 days ago).
*Tunnelblick: OS X 10.13.4; Tunnelblick 3.7.5a (build 5011); prior version 3.6.9 (build 4685); Admin user
git commit 8aa639b020f231f1cea64abfe272e6deedfa916b
Configuration clnt-muc-hamisch-mb
"Sanitized" condensed configuration file for /Library/Application Support/Tunnelblick/Shared/clnt-muc-hamisch-mb.tblk:
client
dev tun
proto udp
remote 194.49.60.7 9001
tls-remote "/C=DE/ST=BY/L=Munich/O=Strawberry/OU=IT/CN=sb-mucgw-00/name=Strawberry_VPN_access_point_munich/emailAddress=
loc...@strawberry.com"
resolv-retry infinite
nobind
persist-key
persist-tun
auth-user-pass
cipher AES-128-CBC
auth MD5
comp-lzo
verb 3
reneg-sec 0
<ca>
[Security-related line(s) omitted]
</ca>
<cert>
[Security-related line(s) omitted]
</cert>
<key>
[Security-related line(s) omitted]
</key>
================================================================================
Non-Apple kexts that are loaded:
Index Refs Address Size Wired Name (Version) UUID <Linked Against>
159 0 0xffffff7f858c6000 0x1d000 0x1d000 com.McAfee.SFKext (1) 9A3A93A5-7270-3484-B55D-54C81770C43D <5 4 1>
161 0 0xffffff7f82f42000 0xf000 0xf000 com.McAfee.AVKext (1) 99F9C282-090A-3DEE-8149-ED15B224F634 <4 1>
================================================================================
There are no unusual files in clnt-muc-hamisch-mb.tblk
================================================================================
Configuration preferences:
-skipWarningThatMayNotConnectInFutureBecauseOfOpenVPNOptions = 1
-skipWarningThatNotUsingSpecifiedOpenVPN = 1
useDNS = 1
-useRouteUpInsteadOfUp = 1
-keychainHasUsernameAndPassword = 1
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
-allowChangesToManuallySetNetworkSettings = 1
-lastConnectionSucceeded = 1
-prependDomainNameToSearchDomains = 1
-doNotShowOnTunnelblickMenu = 1
================================================================================
Wildcard preferences:
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
================================================================================
Program preferences:
placeIconInStandardPositionInStatusBar = 1
launchAtNextLogin = 1
notOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
tunnelblickVersionHistory = (
"3.7.5a (build 5011)",
"3.6.9 (build 4685)"
)
statusDisplayNumber = 0
lastLaunchTime = 547456151.69498
lastLanguageAtLaunchWasRTL = 0
connectionWindowDisplayCriteria = showWhenConnecting
maxLogDisplaySize = 102400
lastConnectedDisplayName = clnt-muc-hamisch-mb
keyboardShortcutIndex = 1
updateCheckAutomatically = 0
NSWindow Frame ConnectingWindow = 525 527 389 187 0 0 1440 877
NSWindow Frame SUUpdateAlert = 410 373 620 392 0 0 1440 877
detailsWindowFrameVersion = 5011
detailsWindowFrame = {{260, 316}, {920, 468}}
detailsWindowLeftFrame = {{0, 0}, {165, 350}}
detailsWindowViewIndex = 0
detailsWindowConfigurationsTabIdentifier = settings
leftNavSelectedDisplayName = clnt-muc-hamisch-mb
AdvancedWindowTabIdentifier = connectingAndDisconnecting
haveDealtWithOldTunTapPreferences = 1
haveDealtWithOldLoginItem = 1
haveDealtWithAfterDisconnect = 1
SUEnableAutomaticChecks = 0
SUScheduledCheckInterval = 86400
SUSendProfileInfo = 1
SULastCheckTime = 2018-05-08 04:08:14 +0000
SULastProfileSubmissionDate = 2018-05-08 04:08:14 +0000
SUHasLaunchedBefore = 1
WebKitDefaultFontSize = 16
WebKitStandardFont = Times
askedUserIfOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
haveDealtWithSparkle1dot5b6 = 1
updateSendProfileInfo = 1
================================================================================
Tunnelblick Log:
*Tunnelblick: OS X 10.13.4; Tunnelblick 3.7.5a (build 5011); prior version 3.6.9 (build 4685)
2018-05-08 09:12:11 *Tunnelblick: Attempting connection with clnt-muc-hamisch-mb; Set nameserver = 769; monitoring connection
2018-05-08 09:12:11 *Tunnelblick: openvpnstart start clnt-muc-hamisch-mb.tblk 1337 769 0 3 0 1163696 -ptADGNWradsgnw 2.3.18-openssl-1.0.2o
2018-05-08 09:12:11 *Tunnelblick: openvpnstart log:
OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.18-openssl-1.0.2o/openvpn
--daemon
--log
/Library/Application Support/Tunnelblick/Logs/-SLibrary-SApplication Support-STunnelblick-SShared-Sclnt--muc--hamisch--mb.tblk-SContents-SResources-Sconfig.ovpn.769_0_3_0_1163696.1337.openvpn.log
--cd
/Library/Application Support/Tunnelblick/Shared/clnt-muc-hamisch-mb.tblk/Contents/Resources
--setenv
IV_GUI_VER
"net.tunnelblick.tunnelblick 5011 3.7.5a (build 5011)"
--verb
3
--config
/Library/Application Support/Tunnelblick/Shared/clnt-muc-hamisch-mb.tblk/Contents/Resources/config.ovpn
--verb
3
--cd
/Library/Application Support/Tunnelblick/Shared/clnt-muc-hamisch-mb.tblk/Contents/Resources
--management
127.0.0.1
1337
/Library/Application Support/Tunnelblick/cnnheipnmbjmencmbccipfaifjhlkidooplabofo.mip
--management-query-passwords
--management-hold
--script-security
2
--route-up
--down
2018-05-08 09:12:11 *Tunnelblick: Established communication with OpenVPN
2018-05-08 09:12:11 *Tunnelblick: Obtained VPN username and password from the Keychain
2018-05-08 09:12:11 DEPRECATED OPTION: --tls-remote, please update your configuration
2018-05-08 09:12:11 OpenVPN 2.3.18 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [PKCS11] [MH] [IPv6] built on Mar 27 2018
2018-05-08 09:12:11 library versions: OpenSSL 1.0.2o 27 Mar 2018, LZO 2.10
2018-05-08 09:12:11 MANAGEMENT: TCP Socket listening on [AF_INET]
127.0.0.1:13372018-05-08 09:12:11 Need hold release from management interface, waiting...
2018-05-08 09:12:11 MANAGEMENT: Client connected from [AF_INET]
127.0.0.1:13372018-05-08 09:12:11 MANAGEMENT: CMD 'pid'
2018-05-08 09:12:11 MANAGEMENT: CMD 'state on'
2018-05-08 09:12:11 MANAGEMENT: CMD 'state'
2018-05-08 09:12:11 MANAGEMENT: CMD 'bytecount 1'
2018-05-08 09:12:11 MANAGEMENT: CMD 'hold release'
2018-05-08 09:12:11 MANAGEMENT: CMD 'username "Auth" "jens"'
2018-05-08 09:12:11 MANAGEMENT: CMD 'password [...]'
2018-05-08 09:12:11 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2018-05-08 09:12:11 Socket Buffers: R=[196724->196724] S=[9216->9216]
2018-05-08 09:12:11 UDPv4 link local: [undef]
2018-05-08 09:12:11 MANAGEMENT: >STATE:1525763531,WAIT,,,
2018-05-08 09:12:11 MANAGEMENT: >STATE:1525763531,AUTH,,,
2018-05-08 09:12:11 TLS: Initial packet from [AF_INET]
194.49.60.7:9001, sid=5087b008 2ad12e98
2018-05-08 09:12:11 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2018-05-08 09:12:11 VERIFY OK: depth=1, /C=DE/ST=BY/L=Munich/O=Strawberry/OU=CA/CN=sb-mucgw-00/name=Strawberry_CA_Munich/emailAddress=
loc...@strawberry.com2018-05-08 09:12:11 VERIFY X509NAME OK: /C=DE/ST=BY/L=Munich/O=Strawberry/OU=IT/CN=sb-mucgw-00/name=Strawberry_VPN_access_point_munich/emailAddress=
loc...@strawberry.com2018-05-08 09:12:11 VERIFY OK: depth=0, /C=DE/ST=BY/L=Munich/O=Strawberry/OU=IT/CN=sb-mucgw-00/name=Strawberry_VPN_access_point_munich/emailAddress=
loc...@strawberry.com2018-05-08 09:12:11 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
2018-05-08 09:12:11 Data Channel Encrypt: Using 128 bit message hash 'MD5' for HMAC authentication
2018-05-08 09:12:11 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
2018-05-08 09:12:11 Data Channel Decrypt: Using 128 bit message hash 'MD5' for HMAC authentication
2018-05-08 09:12:11 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
2018-05-08 09:12:11 [sb-mucgw-00] Peer Connection Initiated with [AF_INET]
194.49.60.7:90012018-05-08 09:12:11 *Tunnelblick: openvpnstart starting OpenVPN
2018-05-08 09:12:13 MANAGEMENT: >STATE:1525763533,GET_CONFIG,,,
2018-05-08 09:12:14 SENT CONTROL [sb-mucgw-00]: 'PUSH_REQUEST' (status=1)
2018-05-08 09:12:14 PUSH: Received control message: 'PUSH_REPLY,route 172.16.0.0 255.255.0.0,route 172.17.0.0 255.255.0.0,route 172.18.0.0 255.255.0.0,route 172.31.2.0 255.255.255.0,route 172.31.128.0 255.255.248.0,route 172.31.255.0 255.255.255.0,dhcp-option DNS 172.31.255.222,dhcp-option DOMAIN
strawberry.com,route 172.30.254.1,topology net30,ping 10,ping-restart 120,ifconfig 172.30.254.26 172.30.254.25'
2018-05-08 09:12:14 OPTIONS IMPORT: timers and/or timeouts modified
2018-05-08 09:12:14 OPTIONS IMPORT: --ifconfig/up options modified
2018-05-08 09:12:14 OPTIONS IMPORT: route options modified
2018-05-08 09:12:14 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2018-05-08 09:12:14 Opening utun (connect(AF_SYS_CONTROL)): Resource busy
2018-05-08 09:12:14 Opening utun (connect(AF_SYS_CONTROL)): Resource busy
2018-05-08 09:12:14 Opened utun device utun2
2018-05-08 09:12:14 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
2018-05-08 09:12:14 MANAGEMENT: >STATE:1525763534,ASSIGN_IP,,172.30.254.26,
2018-05-08 09:12:14 /sbin/ifconfig utun2 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2018-05-08 09:12:14 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2018-05-08 09:12:14 /sbin/ifconfig utun2 172.30.254.26 172.30.254.25 mtu 1500 netmask 255.255.255.255 up
2018-05-08 09:12:14 MANAGEMENT: >STATE:1525763534,ADD_ROUTES,,,
2018-05-08 09:12:14 /sbin/route add -net 172.16.0.0 172.30.254.25 255.255.0.0
2018-05-08 09:12:14 /sbin/route add -net 172.17.0.0 172.30.254.25 255.255.0.0
2018-05-08 09:12:14 /sbin/route add -net 172.18.0.0 172.30.254.25 255.255.0.0
2018-05-08 09:12:14 /sbin/route add -net 172.31.2.0 172.30.254.25 255.255.255.0
2018-05-08 09:12:14 /sbin/route add -net 172.31.128.0 172.30.254.25 255.255.248.0
2018-05-08 09:12:14 /sbin/route add -net 172.31.255.0 172.30.254.25 255.255.255.0
2018-05-08 09:12:14 /sbin/route add -net 172.30.254.1 172.30.254.25 255.255.255.255
**********************************************
Disabled IPv6 for 'Wi-Fi'
Retrieved from OpenVPN: name server(s) [ 172.31.255.222 ], domain name [
strawberry.com ], search domain(s) [ ], and SMB server(s) [ ]
Not aggregating ServerAddresses because running on OS X 10.6 or higher
Prepending '
strawberry.com' to search domains '' because the search domains were not set manually (or are allowed to be changed) and 'Prepend domain name to search domains' was selected
Saved the DNS and SMB configurations so they can be restored
Changed DNS ServerAddresses setting from '172.18.8.33 172.18.8.34' to '172.31.255.222'
Did not change SMB NetBIOSName setting of ''
Did not change SMB Workgroup setting of ''
Did not change SMB WINSAddresses setting of '127.0.0.1'
DNS servers '172.31.255.222' will be used for DNS queries when the VPN is active
NOTE: The DNS servers do not include any free public DNS servers known to Tunnelblick. This may cause DNS queries to fail or be intercepted or falsified even if they are directed through the VPN. Specify only known public DNS servers or DNS servers located on the VPN network to avoid such problems.
Flushed the DNS cache via dscacheutil
/usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
Notified mDNSResponder that the DNS cache was flushed
Setting up to monitor system configuration with process-network-changes
**********************************************
2018-05-08 09:12:18 *Tunnelblick: No 'connected.sh' script to execute
2018-05-08 09:12:18 Initialization Sequence Completed
2018-05-08 09:12:18 MANAGEMENT: >STATE:1525763538,CONNECTED,SUCCESS,172.30.254.26,194.49.60.7
2018-05-08 09:13:51 *Tunnelblick process-network-changes: ServerAddresses changed from
* <array> {
* 0 : 172.31.255.222
* }
* to (pre-VPN)
* <array> {
* 0 : 172.18.8.33
* 1 : 172.18.8.34
* }
2018-05-08 09:13:51 *Tunnelblick process-network-changes: SearchDomains changed from
* <array> {
* }
* to (pre-VPN)
*
2018-05-08 09:13:51 *Tunnelblick process-network-changes: DomainName changed from
* to (pre-VPN)
2018-05-08 09:13:51 *Tunnelblick process-network-changes: Restoring ServerAddresses, DomainName, SearchDomains to post-VPN values
2018-05-08 09:14:02 *Tunnelblick process-network-changes: A system configuration change was ignored
2018-05-08 09:16:22 *Tunnelblick process-network-changes: A system configuration change was ignored
2018-05-08 09:23:13 *Tunnelblick process-network-changes: A system configuration change was ignored
================================================================================
"Sanitized" full configuration file
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote 194.49.60.7 9001
;remote my-server-2 1194
# Distinguished Name of server
# Retrieve by: openssl x509 -subject -noout -in server.crt
tls-remote "/C=DE/ST=BY/L=Munich/O=Strawberry/OU=IT/CN=sb-mucgw-00/name=Strawberry_VPN_access_point_munich/emailAddress=
loc...@strawberry.com"
# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Downgrade privileges after initialization (non-Windows only)
;user nobody
;group nobody
# Try to preserve some state across restarts.
persist-key
persist-tun
# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings
# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
;cert [inline]
;ca [inline]
;key [inline]
;ca ast.strawberry.com.ca.crt
;cert ast.strawberry.com.user.crt
;key ast.strawberry.com.user.key
# Force username and password
auth-user-pass
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
;ns-cert-type server
# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher x
cipher AES-128-CBC
auth MD5
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Set log file verbosity.
verb 3
# Silence repeating messages
;mute 20
# Let the server decide when to renegotiate keys
reneg-sec 0
<ca>
[Security-related line(s) omitted]
</ca>
<cert>
[Security-related line(s) omitted]
</cert>
<key>
[Security-related line(s) omitted]
</key>
================================================================================
ifconfig output:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
nd6 options=201<PERFORMNUD,DAD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
XHC20: flags=0<> mtu 0
en1: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=60<TSO4,TSO6>
ether 6a:00:02:0b:0e:00
media: autoselect <full-duplex>
status: inactive
en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=60<TSO4,TSO6>
ether 6a:00:02:0b:0e:01
media: autoselect <full-duplex>
status: inactive
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether f4:5c:89:cd:79:39
inet 172.27.18.24 netmask 0xffffe000 broadcast 172.27.31.255
inet6 fe80::c33:e297:b0ac:71b6%en0 prefixlen 64 secured scopeid 0x7
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
ether 06:5c:89:cd:79:39
media: autoselect
status: inactive
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1484
ether 9a:aa:5c:35:d1:19
inet6 fe80::98aa:5cff:fe35:d119%awdl0 prefixlen 64 scopeid 0x9
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=63<RXCSUM,TXCSUM,TSO4,TSO6>
ether 6a:00:02:0b:0e:00
Configuration:
id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
ipfilter disabled flags 0x2
member: en1 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 5 priority 0 path cost 0
member: en2 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 6 priority 0 path cost 0
media: <unknown type>
status: inactive
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
inet6 fe80::fb8f:de50:b43f:a99a%utun0 prefixlen 64 scopeid 0xb
nd6 options=201<PERFORMNUD,DAD>
utun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
inet 172.30.254.26 --> 172.30.254.25 netmask 0xffffffff
================================================================================
Console Log:
2018-05-08 05:59:48 Tunnelblick[1681] Keychain item retrieved successfully for service = 'Tunnelblick-Auth-clnt-muc-hamisch-mb' account = 'username'
2018-05-08 05:59:48 Tunnelblick[1681] Keychain item retrieved successfully for service = 'Tunnelblick-Auth-clnt-muc-hamisch-mb' account = 'password'
2018-05-08 06:08:15 Tunnelblick[1681] Sparkle: ===== Tunnelblick =====
2018-05-08 06:08:15 Tunnelblick[1681] Sparkle: Verified appcast signature
2018-05-08 06:08:46 Tunnelblick[1681] Sparkle: Extracting using '/usr/bin/ditto' '-x' '-k' '-' < '/Users/jens/Library/Caches/net.tunnelblick.tunnelblick/org.sparkle-project.Sparkle/Tunnelblick 5011/Tunnelblick_3.7.5a_build_5011.zip' '/Users/jens/Library/Caches/net.tunnelblick.tunnelblick/org.sparkle-project.Sparkle/Tunnelblick 5011'
2018-05-08 06:08:53 Tunnelblick[1681] updater:willInstallUpdate: Starting cleanup.
2018-05-08 06:08:54 Tunnelblick[1681] pthread_mutex_lock( &unloadKextsMutex ) failed; status = 16, errno = 2
2018-05-08 06:08:54 Tunnelblick[1681] updater:willInstallUpdate: Cleanup finished.
2018-05-08 06:08:54 Tunnelblick[1681] applicationShouldTerminate: termination because of Quit; delayed until 'shutdownTunnelblick' finishes
2018-05-08 06:08:54 Tunnelblick[1681] pthread_mutex_trylock( &cleanupMutex ) failed; status = 16, errno = 22
2018-05-08 06:08:54 Tunnelblick[1681] pthread_mutex_trylock( &cleanupMutex ) failed is normal and expected when Tunnelblick is updated
2018-05-08 06:08:54 Tunnelblick[1681] Finished shutting down Tunnelblick; allowing termination
2018-05-08 06:09:03 Tunnelblick[11191] Tunnelblick: OS X 10.13.4; Tunnelblick 3.7.5a (build 5011)
2018-05-08 06:09:03 Tunnelblick[11191] Propagating '-resetPrimaryInterfaceAfterDisconnect' preferences that are TRUE to '-resetPrimaryInterfaceAfterUnexpectedDisconnect'
2018-05-08 06:09:03 Tunnelblick[11191] No .mip
2018-05-08 06:09:03 Tunnelblick[11191] Need to replace and/or reload 'tunnelblickd':
daemonHashesMatch = NO
plistHashesMatch = YES
activePlistMatches = YES
2018-05-08 06:09:15 Tunnelblick[11191] Tunnelblick muss:
• zur Absicherung Eigentümer und Rechte des Programms ändern
2018-05-08 06:09:15 Tunnelblick[11191] Beginning installation or repair
2018-05-08 06:09:16 Tunnelblick[11191] Installation or repair succeeded; Log:
Tunnelblick installer started 2018-05-08 06:09:15. 1 arguments: 0x0105
Changed permissions from 744 to 755 on /var/log/Tunnelblick
Created .mip
Replaced /Library/LaunchDaemons/net.tunnelblick.tunnelblick.tunnelblickd.plist
Used launchctl to load tunnelblickd
Tunnelblick installer finished without error
2018-05-08 06:09:33 Tunnelblick[11191] Configuration clnt-muc-hamisch-mb will use OpenVPN 2.3.18 - OpenSSL v1.0.2o instead of 2.4.4 - OpenSSL v1.0.2o
2018-05-08 06:09:34 Tunnelblick[11191] Keychain item retrieved successfully for service = 'Tunnelblick-Auth-clnt-muc-hamisch-mb' account = 'username'
2018-05-08 06:09:34 Tunnelblick[11191] Keychain item retrieved successfully for service = 'Tunnelblick-Auth-clnt-muc-hamisch-mb' account = 'password'
2018-05-08 06:13:08 Tunnelblick[11191] Set 'expect disconnect' flag
2018-05-08 06:13:10 Tunnelblick[11191] Configuration clnt-muc-hamisch-mb will use OpenVPN 2.3.18 - OpenSSL v1.0.2o instead of 2.4.4 - OpenSSL v1.0.2o
2018-05-08 06:13:11 Tunnelblick[11191] Keychain item retrieved successfully for service = 'Tunnelblick-Auth-clnt-muc-hamisch-mb' account = 'username'
2018-05-08 06:13:11 Tunnelblick[11191] Keychain item retrieved successfully for service = 'Tunnelblick-Auth-clnt-muc-hamisch-mb' account = 'password'
2018-05-08 08:05:44 Tunnelblick[11191] Configuration clnt-muc-hamisch-mb will use OpenVPN 2.3.18 - OpenSSL v1.0.2o instead of 2.4.4 - OpenSSL v1.0.2o
2018-05-08 08:05:44 Tunnelblick[11191] Keychain item retrieved successfully for service = 'Tunnelblick-Auth-clnt-muc-hamisch-mb' account = 'username'
2018-05-08 08:05:44 Tunnelblick[11191] Keychain item retrieved successfully for service = 'Tunnelblick-Auth-clnt-muc-hamisch-mb' account = 'password'
2018-05-08 08:51:11 Tunnelblick[11191] Configuration clnt-muc-hamisch-mb will use OpenVPN 2.3.18 - OpenSSL v1.0.2o instead of 2.4.4 - OpenSSL v1.0.2o
2018-05-08 08:51:12 Tunnelblick[11191] Keychain item retrieved successfully for service = 'Tunnelblick-Auth-clnt-muc-hamisch-mb' account = 'username'
2018-05-08 08:51:12 Tunnelblick[11191] Keychain item retrieved successfully for service = 'Tunnelblick-Auth-clnt-muc-hamisch-mb' account = 'password'
2018-05-08 08:53:33 Tunnelblick[11191] applicationShouldTerminate: termination because of Quit; delayed until 'shutdownTunnelblick' finishes
2018-05-08 08:53:33 Tunnelblick[11191] pthread_mutex_lock( &unloadKextsMutex ) failed; status = 16, errno = 2
2018-05-08 08:53:34 Tunnelblick[11191] Finished shutting down Tunnelblick; allowing termination
2018-05-08 08:53:46 Tunnelblick[13408] Tunnelblick: OS X 10.13.4; Tunnelblick 3.7.5a (build 5011)
2018-05-08 08:53:55 Tunnelblick[13408] Configuration clnt-muc-hamisch-mb will use OpenVPN 2.3.18 - OpenSSL v1.0.2o instead of 2.4.4 - OpenSSL v1.0.2o
2018-05-08 08:53:55 Tunnelblick[13408] Keychain item retrieved successfully for service = 'Tunnelblick-Auth-clnt-muc-hamisch-mb' account = 'username'
2018-05-08 08:53:55 Tunnelblick[13408] Keychain item retrieved successfully for service = 'Tunnelblick-Auth-clnt-muc-hamisch-mb' account = 'password'
2018-05-08 08:54:43 Tunnelblick[13408] applicationShouldTerminate: termination because of Quit; delayed until 'shutdownTunnelblick' finishes
2018-05-08 08:54:43 Tunnelblick[13408] pthread_mutex_lock( &unloadKextsMutex ) failed; status = 16, errno = 2
2018-05-08 08:54:44 Tunnelblick[13408] Finished shutting down Tunnelblick; allowing termination
2018-05-08 09:09:10 Tunnelblick[13887] Tunnelblick: OS X 10.13.4; Tunnelblick 3.7.5a (build 5011)
2018-05-08 09:12:11 Tunnelblick[13887] Configuration clnt-muc-hamisch-mb will use OpenVPN 2.3.18 - OpenSSL v1.0.2o instead of 2.4.4 - OpenSSL v1.0.2o
2018-05-08 09:12:11 Tunnelblick[13887] Keychain item retrieved successfully for service = 'Tunnelblick-Auth-clnt-muc-hamisch-mb' account = 'username'
2018-05-08 09:12:11 Tunnelblick[13887] Keychain item retrieved successfully for service = 'Tunnelblick-Auth-clnt-muc-hamisch-mb' account = 'password'