Possible Adapter Security Issue


ANON

Oct 25, 2023, 12:50:12 PM
to tunnelblick-discuss

Tunnelblick freezes upon loading config which works fine on other machines, throws error regarding config file, possibly adapter related. Does the below spell anything obvious?

Thanks


============================================================

*Tunnelblick: macOS 13.6 (22G120); Tunnelblick 3.8.8e (build 5779.1); prior version 3.8.8d (build 5779); Admin user

git commit bb2553c4a7dd46b90f3018f7d196165655e9e99e + uncommitted changes:

?? ../third_party/sources/IOUserEthernetController.h

The Tunnelblick.app process is not being translated (x86_64)

System Integrity Protection is enabled

Model: iMac18,3

 

Configuration nmasha__ssl_vpn_config (1) - Copy

 

"Sanitized" condensed configuration file for /Library/Application Support/Tunnelblick/Shared/nmasha__ssl_vpn_config (1) - Copy.tblk:

 

 

 

================================================================================

 

Files in nmasha__ssl_vpn_config (1) - Copy.tblk:

      Contents/Resources/config.ovpn

 

================================================================================

 

Tunnelblick Kext Policy Data:

 

Error status -1 attempting to access the Kext Policy database

stdout =

(null)

stderr =

(null)

 

================================================================================

 

Configuration preferences:

 

-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0

 

================================================================================

 

Wildcard preferences:

 

-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0

 

================================================================================

 

Program preferences:

 

launchAtNextLogin = 1

tunnelblickVersionHistory = (

    "3.8.8e (build 5779.1)",

    "3.8.8d (build 5779)"

)

lastLaunchTime = 719942617.505024

lastLanguageAtLaunchWasRTL = 0

connectionWindowDisplayCriteria = showWhenConnecting

maxLogDisplaySize = 102400

keyboardShortcutIndex = 1

namedCredentialsThatAllConfigurationsUse = nmasha

namedCredentialsNames = (

    nmasha

)

updateCheckAutomatically = 1

NSWindow Frame SettingsSheetWindow = 883 336 829 548 0 0 2560 1415

NSWindow Frame ConnectingWindow = 1085 913 389 217 0 0 2560 1415

NSWindow Frame SUStatusFrame = 1080 975 400 135 0 0 2560 1415

NSWindow Frame SUUpdateAlert = 970 777 620 398 0 0 2560 1415

detailsWindowFrameVersion = 5779.1

detailsWindowFrame = {{999, 433}, {920, 522}}

detailsWindowLeftFrame = {{0, 0}, {167, 402}}

detailsWindowViewIndex = 0

detailsWindowConfigurationsTabIdentifier = settings

leftNavSelectedDisplayName = nmasha__ssl_vpn_config (1) - Copy

AdvancedWindowTabIdentifier = connectingAndDisconnecting

haveDealtWithOldTunTapPreferences = 1

haveDealtWithAlwaysShowLoginWindow = 1

haveDealtWithOldLoginItem = 1

haveDealtWithAfterDisconnect = 1

SUEnableAutomaticChecks = 1

SUScheduledCheckInterval = 86400

SULastCheckTime = 2023-10-25 16:03:38 +0000

SUHasLaunchedBefore = 1

 

================================================================================

 

Forced preferences:

 

(None)

 

================================================================================

 

Deployed forced preferences:

 

(None)

 

================================================================================

 

Tunnelblick Log:

 

2023-10-25 17:05:49.255868 *Tunnelblick: macOS 13.6 (22G120); Tunnelblick 3.8.8e (build 5779.1); prior version 3.8.8d (build 5779)

 

================================================================================

 

Down log:

 

(Not found)

================================================================================

 

Previous down log:

 

17:23:39 *Tunnelblick:  **********************************************

17:23:39 *Tunnelblick:  Start of output from client.down.tunnelblick.sh

17:23:39 *Tunnelblick:  Cancelled monitoring system configuration changes

17:23:39 *Tunnelblick:  Restored State:DNS

17:23:39 *Tunnelblick:  Removed Setup:DNS

17:23:39 *Tunnelblick:  Removed State:SMB

17:23:39 *Tunnelblick:  Restored DNS and SMB settings

17:23:40 *Tunnelblick:  Re-enabled IPv6 (automatic) for "Ethernet"

17:23:40 *Tunnelblick:  Re-enabled IPv6 (automatic) for "Wi-Fi"

17:23:40 *Tunnelblick:  Re-enabled IPv6 (automatic) for "iPhone USB"

17:23:40 *Tunnelblick:  Re-enabled IPv6 (automatic) for "Thunderbolt Bridge"

17:23:40 *Tunnelblick:  Flushed the DNS cache with dscacheutil -flushcache

17:23:40 *Tunnelblick:  Notified mDNSResponder that the DNS cache was flushed

17:23:40 *Tunnelblick:  End of output from client.down.tunnelblick.sh

17:23:40 *Tunnelblick:  **********************************************

 

================================================================================

 

Network services:

 

An asterisk (*) denotes that a network service is disabled.

Ethernet

Wi-Fi

iPhone USB

Thunderbolt Bridge

 

Wi-Fi Power (en1): On

 

================================================================================

 

ifconfig output:

 

lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384

            options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>

            inet 127.0.0.1 netmask 0xff000000

            inet6 ::1 prefixlen 128

            inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1

            nd6 options=201<PERFORMNUD,DAD>

gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280

stf0: flags=0<> mtu 1280

en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500

            options=50b<RXCSUM,TXCSUM,VLAN_HWTAGGING,AV,CHANNEL_IO>

            ether 68:fe:f7:05:27:32

            nd6 options=201<PERFORMNUD,DAD>

            media: autoselect (none)

            status: inactive

en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500

            options=400<CHANNEL_IO>

            ether 18:81:0e:d6:27:e0

            inet 192.168.0.50 netmask 0xffffff00 broadcast 192.168.0.255

            media: autoselect

            status: active

awdl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1484

            options=400<CHANNEL_IO>

            ether 36:08:34:3a:51:6b

            inet6 fe80::3408:34ff:fe3a:516b%awdl0 prefixlen 64 scopeid 0x6

            nd6 options=201<PERFORMNUD,DAD>

            media: autoselect

            status: active

llw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500

            options=400<CHANNEL_IO>

            ether 36:08:34:3a:51:6b

            inet6 fe80::3408:34ff:fe3a:516b%llw0 prefixlen 64 scopeid 0x7

            nd6 options=201<PERFORMNUD,DAD>

            media: autoselect

            status: active

en3: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500

            options=460<TSO4,TSO6,CHANNEL_IO>

            ether 82:d6:4f:0b:94:01

            media: autoselect <full-duplex>

            status: inactive

en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500

            options=460<TSO4,TSO6,CHANNEL_IO>

            ether 82:d6:4f:0b:94:00

            media: autoselect <full-duplex>

            status: inactive

bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500

            options=63<RXCSUM,TXCSUM,TSO4,TSO6>

            ether 82:d6:4f:0b:94:00

            Configuration:

                        id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0

                        maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200

                        root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0

                        ipfilter disabled flags 0x0

            member: en2 flags=3<LEARNING,DISCOVER>

                    ifmaxaddr 0 port 9 priority 0 path cost 0

            member: en3 flags=3<LEARNING,DISCOVER>

                    ifmaxaddr 0 port 8 priority 0 path cost 0

            media: <unknown type>

            status: inactive

utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1400

utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380

            inet6 fe80::432c:91a0:a6bc:21b1%utun1 prefixlen 64 scopeid 0xc

            nd6 options=201<PERFORMNUD,DAD>

utun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000

            inet6 fe80::8966:4534:8fe:701e%utun2 prefixlen 64 scopeid 0xd

            nd6 options=201<PERFORMNUD,DAD>

utun3: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1000

            inet6 fe80::ce81:b1c:bd2c:69e%utun3 prefixlen 64 scopeid 0xe

            nd6 options=201<PERFORMNUD,DAD>

 

================================================================================

 

Non-Apple kexts that are loaded:

 

Index Refs Address            Size       Wired      Name (Version) UUID <Linked Against>

 

================================================================================

 

Quit Log:

 

2023-10-25 17:01:42.008546 applicationShouldTerminate: termination because of Quit; delayed until 'shutdownTunnelblick' finishes)

2023-10-25 17:01:42.010910 shutDownTunnelblick: started.

2023-10-25 17:01:42.012708 shutDownTunnelblick: Starting cleanup.

2023-10-25 17:01:42.013086 cleanup: Entering cleanup

2023-10-25 17:01:42.013520 synchronized user defaults

2023-10-25 17:02:42.455868 shutDownTunnelblick: Cleanup finished.

2023-10-25 17:02:42.456332 Finished shutting down Tunnelblick; allowing termination

 

================================================================================

 

Traces Log:

 

 

================================================================================

 

Console Log:

 

 

Tunnelblick developer

Oct 25, 2023, 12:56:45 PM
to tunnelblick-discuss
Please post the contents of the configuration file you are trying to install and the error that is displayed when you try to install it.
Message has been deleted

Tunnelblick developer

Oct 26, 2023, 8:35:35 AM
to tunnelblick-discuss
I have deleted your post with the complete contents of the configuration file. Here are the contents of the post without the security-sensitive certificates and keys:

Hi, 

config as per below:

client
dev tun
proto tcp
;verify-x509-name "C=GB, ST=NA, L=NA, O=Piccadilly Greetings Group, OU=OU, CN=SophosApplianceCertificate_C23076GKHPFD961, emailAddress=piccadil...@minervauk.com"
;route remote_host 255.255.255.255 net_gateway
resolv-retry infinite
nobind
persist-key
persist-tun
<ca>
</ca>
<cert>
</cert>
<key>
</key>
auth-user-pass
cipher AES-128-CBC
auth SHA256
comp-lzo yes
;can_save no
;otp no
;run_logon_script no
;auto_connect
route-delay 4
verb 3
reneg-sec 86400
remote vpn.piccadillygreetings.co.uk 8443

I am getting adapter error messages


Tunnelblick developer

Oct 26, 2023, 8:40:13 AM
to tunnelblick-discuss
The configuration file is weird – it contains several lines that are not OpenVPN options, such as "auto_connect" and "can_save no", and "otp no".

You should talk to Sophos: you're paying or have paid them for the VPN device that you are trying to connect to.
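
An added example, not part of the original thread and not Tunnelblick's own code: one way to strip inline certificate and key material from an OpenVPN configuration before posting it publicly, as was done by hand for the configuration quoted earlier in this thread. The function name, the sample configuration and its hostname are constructed for illustration.

```python
import re

# An inline block opens with a line such as <ca>, <cert> or <key>.
OPEN_TAG = re.compile(r"^<([A-Za-z0-9-]+)>$")

# Constructed sample input; the block contents are placeholders, not real keys.
SAMPLE = """client
dev tun
;otp no
<ca>
CONSTRUCTED-CA-BYTES
</ca>
<key>
CONSTRUCTED-KEY-BYTES
</key>
remote vpn.example.invalid 8443
"""

def sanitize_ovpn(text):
    """Return (sanitized_text, redacted_tags, unterminated_tag_or_None)."""
    out, redacted = [], []
    current = None  # name of the inline block we are inside, if any
    for raw in text.splitlines():
        line = raw.strip()
        if current is not None:
            if line == f"</{current}>":
                out.append(f"[{current}: inline material redacted]")
                out.append(line)
                current = None
            # Every other line inside the block is dropped, never copied.
            continue
        match = OPEN_TAG.match(line)
        if match:
            current = match.group(1)
            redacted.append(current)
            out.append(line)
            continue
        out.append(raw)  # ordinary directives and comments pass through
    unterminated = current
    if current is not None:
        # Fail closed: with no closing tag, the rest of the file was dropped.
        out.append(f"[{current}: unterminated block, remainder redacted]")
    return "\n".join(out), redacted, unterminated

if __name__ == "__main__":
    sanitized, tags, bad = sanitize_ovpn(SAMPLE)
    print(sanitized)
    print("redacted blocks:", tags, "unterminated:", bad)
```

The sanitizer only removes inline blocks; hostnames, usernames and certificate subject names elsewhere in the file still need a manual review before posting.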

ANON

Oct 27, 2023, 9:31:30 AM
to tunnelblick-discuss
I have used this exact config on my machine and it works fine 