Diagnostic log
*Tunnelblick: OS X 10.11.6; Tunnelblick 3.7.1beta01 (build 4800); Admin user
git commit 844a29ce2d4edda7d77bf96279e84b42a80bec57
Configuration macbook
"Sanitized" condensed configuration file for /Users/Macbook/Library/Application Support/Tunnelblick/Configurations/macbook.tblk:
client
dev tun
proto udp
remote
xxxx.asuscomm.com 1194
float
comp-lzo adaptive
keepalive 15 60
auth-user-pass
ns-cert-type server
<ca>
[Security-related line(s) omitted]
</ca>
<cert>
[Security-related line(s) omitted]
</cert>
<key>
[Security-related line(s) omitted]
</key>
resolv-retry infinite
nobind
================================================================================
Non-Apple kexts that are loaded:
Index Refs Address Size Wired Name (Version) UUID <Linked Against>
120 0 0xffffff7f80a7b000 0x5b000 0x5b000 com.paragon-software.kext.VDMounter (526.1) DEA8787E-5CCC-31F8-9730-B5E58A4C15D1 <16 5 4 3 1>
================================================================================
There are no unusual files in macbook.tblk
================================================================================
Configuration preferences:
-keychainHasUsernameAndPassword = 1
-loggingLevel = 3
-lastConnectionSucceeded = 1
================================================================================
Wildcard preferences:
================================================================================
Program preferences:
placeIconInStandardPositionInStatusBar = 1
launchAtNextLogin = 1
notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
askedUserIfOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
tunnelblickVersionHistory = (
"3.7.1beta01 (build 4800)"
)
lastLaunchTime = 511551202.271212
lastLanguageAtLaunchWasRTL = 0
connectionWindowDisplayCriteria = showWhenConnecting
maxLogDisplaySize = 102400
lastConnectedDisplayName = macbook
keyboardShortcutIndex = 1
updateCheckAutomatically = 1
updateSendProfileInfo = 1
NSWindow Frame ConnectingWindow = 424 442 389 187 0 0 1280 777
detailsWindowFrameVersion = 4800
detailsWindowFrame = {{59, 165}, {920, 468}}
detailsWindowLeftFrame = {{0, 0}, {165, 350}}
detailsWindowViewIndex = 0
detailsWindowConfigurationsTabIdentifier = log
leftNavSelectedDisplayName = macbook
AdvancedWindowTabIdentifier = vpnCredentials
haveDealtWithSparkle1dot5b6 = 1
haveDealtWithOldTunTapPreferences = 1
haveDealtWithOldLoginItem = 1
SUEnableAutomaticChecks = 1
SUScheduledCheckInterval = 86400
SUSendProfileInfo = 1
SULastCheckTime = 2017-03-18 17:33:21 +0000
SULastProfileSubmissionDate = 2017-03-17 22:39:56 +0000
SUHasLaunchedBefore = 1
WebKitDefaultFontSize = 16
WebKitStandardFont = Times
================================================================================
Tunnelblick Log:
*Tunnelblick: OS X 10.11.6; Tunnelblick 3.7.1beta01 (build 4800)
2017-03-18 10:34:17 *Tunnelblick: Attempting connection with macbook using shadow copy; Set nameserver = 769; monitoring connection
2017-03-18 10:34:17 *Tunnelblick: openvpnstart start macbook.tblk 1337 769 0 1 0 1065264 -ptADGNWradsgnw 2.3.14-openssl-1.0.2k
2017-03-18 10:34:17 *Tunnelblick: openvpnstart log:
OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.14-openssl-1.0.2k/openvpn
--daemon
--log
/Library/Application Support/Tunnelblick/Logs/-SUsers-SMacbook-SLibrary-SApplication Support-STunnelblick-SConfigurations-Smacbook.tblk-SContents-SResources-Sconfig.ovpn.769_0_1_0_1065264.1337.openvpn.log
--cd
/Library/Application Support/Tunnelblick/Users/Macbook/macbook.tblk/Contents/Resources
--verb
3
--config
/Library/Application Support/Tunnelblick/Users/Macbook/macbook.tblk/Contents/Resources/config.ovpn
--verb
3
--cd
/Library/Application Support/Tunnelblick/Users/Macbook/macbook.tblk/Contents/Resources
--management
127.0.0.1
1337
--management-query-passwords
--management-hold
--script-security
2
--up
/Applications/Tunnelblick.app/Contents/Resources/
client.up.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
--down
/Applications/Tunnelblick.app/Contents/Resources/
client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
2017-03-18 10:34:17 *Tunnelblick: Established communication with OpenVPN
2017-03-18 10:34:17 OpenVPN 2.3.14 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [PKCS11] [MH] [IPv6] built on Jan 30 2017
2017-03-18 10:34:17 library versions: OpenSSL 1.0.2k 26 Jan 2017, LZO 2.09
2017-03-18 10:34:17 MANAGEMENT: TCP Socket listening on [AF_INET]
127.0.0.1:13372017-03-18 10:34:17 Need hold release from management interface, waiting...
2017-03-18 10:34:17 MANAGEMENT: Client connected from [AF_INET]
127.0.0.1:13372017-03-18 10:34:17 MANAGEMENT: CMD 'pid'
2017-03-18 10:34:17 MANAGEMENT: CMD 'state on'
2017-03-18 10:34:17 MANAGEMENT: CMD 'state'
2017-03-18 10:34:17 MANAGEMENT: CMD 'bytecount 1'
2017-03-18 10:34:17 MANAGEMENT: CMD 'hold release'
2017-03-18 10:34:17 *Tunnelblick: Obtained VPN username and password from the Keychain
2017-03-18 10:34:17 MANAGEMENT: CMD 'username "Auth" "macbook"'
2017-03-18 10:34:17 MANAGEMENT: CMD 'password [...]'
2017-03-18 10:34:17 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2017-03-18 10:34:17 Socket Buffers: R=[196724->196724] S=[9216->9216]
2017-03-18 10:34:17 MANAGEMENT: >STATE:1489858457,RESOLVE,,,
2017-03-18 10:34:17 UDPv4 link local: [undef]
2017-03-18 10:34:17 UDPv4 link remote: [AF_INET]
98.237.238.53:11942017-03-18 10:34:17 MANAGEMENT: >STATE:1489858457,WAIT,,,
2017-03-18 10:34:17 MANAGEMENT: >STATE:1489858457,AUTH,,,
2017-03-18 10:34:17 TLS: Initial packet from [AF_INET]
98.237.238.53:1194, sid=ed894a0b 18d0b050
2017-03-18 10:34:17 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2017-03-18 10:34:17 *Tunnelblick: openvpnstart starting OpenVPN
2017-03-18 10:34:18 VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC68U, emailAddress=m...@myhost.mydomain
2017-03-18 10:34:18 VERIFY OK: nsCertType=SERVER
2017-03-18 10:34:18 VERIFY OK: depth=0, C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC68U, emailAddress=m...@myhost.mydomain
2017-03-18 10:34:18 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2017-03-18 10:34:18 WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
2017-03-18 10:34:18 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2017-03-18 10:34:18 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2017-03-18 10:34:18 WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
2017-03-18 10:34:18 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2017-03-18 10:34:18 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
2017-03-18 10:34:18 [RT-AC68U] Peer Connection Initiated with [AF_INET]
98.237.238.53:11942017-03-18 10:34:19 MANAGEMENT: >STATE:1489858459,GET_CONFIG,,,
2017-03-18 10:34:20 SENT CONTROL [RT-AC68U]: 'PUSH_REQUEST' (status=1)
2017-03-18 10:34:20 PUSH: Received control message: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0 vpn_gateway 500,redirect-gateway def1,route 10.8.0.1,topology net30,ping 15,ping-restart 60,ifconfig 10.8.0.6 10.8.0.5'
2017-03-18 10:34:20 OPTIONS IMPORT: timers and/or timeouts modified
2017-03-18 10:34:20 OPTIONS IMPORT: --ifconfig/up options modified
2017-03-18 10:34:20 OPTIONS IMPORT: route options modified
2017-03-18 10:34:20 Opened utun device utun0
2017-03-18 10:34:20 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
2017-03-18 10:34:20 MANAGEMENT: >STATE:1489858460,ASSIGN_IP,,10.8.0.6,
2017-03-18 10:34:20 /sbin/ifconfig utun0 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2017-03-18 10:34:20 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2017-03-18 10:34:20 /sbin/ifconfig utun0 10.8.0.6 10.8.0.5 mtu 1500 netmask 255.255.255.255 up
2017-03-18 10:34:20 /Applications/Tunnelblick.app/Contents/Resources/
client.up.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw utun0 1500 1542 10.8.0.6 10.8.0.5 init
**********************************************
Start of output from
client.up.tunnelblick.sh NOTE: No network configuration changes need to be made.
WARNING: Will NOT monitor for other network configuration changes.
WARNING: Will NOT disable IPv6 settings.
DNS servers '8.8.8.8 8.8.4.4 208.67.222.222 208.67.220.220' were set manually
DNS servers '8.8.8.8 8.8.4.4 208.67.222.222 208.67.220.220' will be used for DNS queries when the VPN is active
The DNS servers include only free public DNS servers known to Tunnelblick.
Flushed the DNS cache via dscacheutil
/usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
Notified mDNSResponder that the DNS cache was flushed
End of output from
client.up.tunnelblick.sh **********************************************
2017-03-18 10:34:22 *Tunnelblick: No 'connected.sh' script to execute
2017-03-18 10:34:22 /sbin/route add -net 98.237.238.53 10.224.0.1 255.255.255.255
add net
98.237.238.53: gateway 10.224.0.1
2017-03-18 10:34:22 /sbin/route add -net 0.0.0.0 10.8.0.5 128.0.0.0
add net
0.0.0.0: gateway 10.8.0.5
2017-03-18 10:34:22 /sbin/route add -net 128.0.0.0 10.8.0.5 128.0.0.0
add net
128.0.0.0: gateway 10.8.0.5
2017-03-18 10:34:22 MANAGEMENT: >STATE:1489858462,ADD_ROUTES,,,
2017-03-18 10:34:22 /sbin/route add -net 192.168.1.0 10.8.0.5 255.255.255.0
add net
192.168.1.0: gateway 10.8.0.5
2017-03-18 10:34:22 /sbin/route add -net 10.8.0.1 10.8.0.5 255.255.255.255
add net
10.8.0.1: gateway 10.8.0.5
2017-03-18 10:34:22 Initialization Sequence Completed
2017-03-18 10:34:22 MANAGEMENT: >STATE:1489858462,CONNECTED,SUCCESS,10.8.0.6,98.237.238.53
2017-03-18 10:34:45 *Tunnelblick: This computer's apparent public IP address changed from 73.109.62.245 before connection to xx.xxx.238.53 after connection
2017-03-18 10:35:02 *Tunnelblick: Disconnecting; 'Disconnect' (toggle) menu command invoked
2017-03-18 10:35:02 *Tunnelblick: No 'pre-disconnect.sh' script to execute
2017-03-18 10:35:02 *Tunnelblick: Disconnecting using 'kill'
2017-03-18 10:35:02 event_wait : Interrupted system call (code=4)
2017-03-18 10:35:02 /sbin/route delete -net 10.8.0.1 10.8.0.5 255.255.255.255
delete net
10.8.0.1: gateway 10.8.0.5
2017-03-18 10:35:02 /sbin/route delete -net 192.168.1.0 10.8.0.5 255.255.255.0
delete net
192.168.1.0: gateway 10.8.0.5
2017-03-18 10:35:02 /sbin/route delete -net 98.237.238.53 10.224.0.1 255.255.255.255
delete net
98.237.238.53: gateway 10.224.0.1
2017-03-18 10:35:02 /sbin/route delete -net 0.0.0.0 10.8.0.5 128.0.0.0
delete net
0.0.0.0: gateway 10.8.0.5
2017-03-18 10:35:02 /sbin/route delete -net 128.0.0.0 10.8.0.5 128.0.0.0
delete net
128.0.0.0: gateway 10.8.0.5
2017-03-18 10:35:02 Closing TUN/TAP interface
2017-03-18 10:35:02 /Applications/Tunnelblick.app/Contents/Resources/
client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw utun0 1500 1542 10.8.0.6 10.8.0.5 init
**********************************************
Start of output from
client.down.tunnelblick.sh WARNING: Not restoring DNS settings because no saved Tunnelblick DNS information was found.
Flushed the DNS cache via dscacheutil
/usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
Notified mDNSResponder that the DNS cache was flushed
End of output from
client.down.tunnelblick.sh **********************************************
2017-03-18 10:35:03 SIGTERM[hard,] received, process exiting
2017-03-18 10:35:03 MANAGEMENT: >STATE:1489858503,EXITING,SIGTERM,,
2017-03-18 10:35:04 *Tunnelblick: No 'post-disconnect.sh' script to execute
2017-03-18 10:35:04 *Tunnelblick: Expected disconnection occurred.
================================================================================
"Sanitized" full configuration file
client
dev tun
proto udp
remote
xxxx.asuscomm.com 1194
float
comp-lzo adaptive
keepalive 15 60
auth-user-pass
ns-cert-type server
<ca>
[Security-related line(s) omitted]
</ca>
<cert>
[Security-related line(s) omitted]
</cert>
<key>
[Security-related line(s) omitted]
</key>
resolv-retry infinite
nobind
================================================================================
ifconfig output:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=3<RXCSUM,TXCSUM>
inet6 ::1 prefixlen 128
inet 127.0.0.1 netmask 0xff000000
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
nd6 options=1<PERFORMNUD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=27<RXCSUM,TXCSUM,VLAN_MTU,TSO4>
ether e8:06:88:b9:58:8a
nd6 options=1<PERFORMNUD>
media: autoselect
status: inactive
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 58:b0:35:88:f1:23
inet6 fe80::5ab0:35ff:fe88:f123%en1 prefixlen 64 scopeid 0x5
inet 10.243.164.197 netmask 0xffe00000 broadcast 10.255.255.255
nd6 options=1<PERFORMNUD>
media: autoselect
status: active
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
ether 0a:b0:35:88:f1:23
media: autoselect
status: inactive
================================================================================
Console Log:
2017-03-18 10:33:18 Tunnelblick[371] Tunnelblick: OS X 10.11.6; Tunnelblick 3.7.1beta01 (build 4800)
2017-03-18 10:33:21 Tunnelblick[371] Sparkle: ===== Tunnelblick =====
2017-03-18 10:33:21 Tunnelblick[371] Sparkle: Verified appcast signature
2017-03-18 10:34:17 Tunnelblick[371] Keychain item retrieved successfully for service = 'Tunnelblick-Auth-macbook' account = 'username'
2017-03-18 10:34:17 Tunnelblick[371] Keychain item retrieved successfully for service = 'Tunnelblick-Auth-macbook' account = 'password'