ICMP Redirects - Ping brings Redirect Host
Dr...@thedragonworld.com
MacBookPro1:~ Cupro$ ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1): 56 data bytes
36 bytes from 192.168.1.251: Redirect Host(New addr: 192.168.1.1)
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 16b9 0 0000 40 01 e016 192.168.1.136 192.168.1.1
64 bytes from 192.168.1.1: icmp_seq=0 ttl=128 time=1.531 ms
36 bytes from 192.168.1.251: Redirect Host(New addr: 192.168.1.1)
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 5178 0 0000 40 01 a557 192.168.1.136 192.168.1.1
192.168.1.1 is the client I want to connect
192.168.1.251 is the local pfsense (Firewall and VPN, not DNS, not DHCP)
192.168.1.136 is my MAC
*Tunnelblick: OS X 10.10.2; Tunnelblick 3.4.3 (build 4055.4198); prior version 3.4.2 (build 4055.4161); Admin user
"Sanitized" condensed configuration file for /Users/Cupro/Library/Application Support/Tunnelblick/Configurations/XXXXXXXXX.tblk:
client
dev tun
proto udp
remote XXXXXXXX.XXXXXXXXXXXX.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca XXXXXXXXX.crt
cert Cupro.crt
key Cupro.key
comp-lzo
verb 3
================================================================================
"Sanitized" full configuration file
client
dev tun
proto udp
remote XXXXXXXXXX.XXXXXXXXXX 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca XXXXXXXXXXXXX.crt
cert Cupro.crt
key Cupro.key
comp-lzo
verb 3
================================================================================
There are no unusual files in XXXXXXXXXXXXXX.tblk
================================================================================
Configuration preferences:
useDNS = 1
-keychainHasUsernameAndPassword = 0
-keepConnected = 1
-doNotDisconnectOnSleep = 1
-lastConnectionSucceeded = 1
================================================================================
Wildcard preferences:
================================================================================
Program preferences:
skipWarningAboutSimultaneousConnections = 1
skipWarningThatIPANotFetchedBeforeConnection = 1
skipWarningThatIPAddressDidNotChangeAfterConnection = 1
launchAtNextLogin = 1
notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
askedUserIfOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
tunnelblickVersionHistory = (
"3.4.3 (build 4055.4198)",
"3.4.2 (build 4055.4161)",
"3.4.1 (build 4054)"
)
statusDisplayNumber = 0
lastLaunchTime = 444660427.226062
doNotShowNotificationWindowOnMouseover = 1
connectionWindowDisplayCriteria = showWhenConnecting
maxLogDisplaySize = 102400
lastConnectedDisplayName = XXXXXXXXXXX
keyboardShortcutIndex = 1
updateAutomatically = 0
updateCheckAutomatically = 1
updateSendProfileInfo = 0
NSWindow Frame SettingsSheetWindow = 421 566 829 424 0 0 1920 1177
NSWindow Frame ConnectingWindow = 2685 742 389 187 1920 0 1920 1177
detailsWindowFrameVersion = 4055.4198
detailsWindowFrame = {{176, 162}, {1132, 617}}
detailsWindowLeftFrame = {{0, 0}, {205, 500}}
leftNavSelectedDisplayName = XXXXXXXXXX
haveDealtWithSparkle1dot5b6 = 1
haveDealtWithOldTunTapPreferences = 1
haveDealtWithOldLoginItem = 1
SUEnableAutomaticChecks = 1
SUFeedURL = https://www.tunnelblick.net/appcast-s.rss
SUScheduledCheckInterval = 86400
SUSendProfileInfo = 0
SUAutomaticallyUpdate = 0
SULastCheckTime = 2015-02-03 12:47:07 +0000
SUHasLaunchedBefore = 1
WebKitDefaultFontSize = 11
WebKitStandardFont = .Helvetica Neue DeskInterface
================================================================================
Tunnelblick Log:
2015-02-05 10:03:34 *Tunnelblick: OS X 10.10.2; Tunnelblick 3.4.3 (build 4055.4198); prior version 3.4.2 (build 4055.4161)
2015-02-05 10:03:34 *Tunnelblick: Attempting connection with XXXXXXXXXX using shadow copy; Set nameserver = 1; monitoring connection
2015-02-05 10:03:34 *Tunnelblick: openvpnstart start XXXXXXXXXX.tblk 1337 1 0 1 0 16688 -ptADGNWradsgnw 2.3.6
2015-02-05 10:03:35 *Tunnelblick: openvpnstart log:
Tunnelblick:
OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.6/openvpn
--daemon
--log
/Library/Application Support/Tunnelblick/Logs/-SUsers-SCupro-SLibrary-SApplication Support-STunnelblick-SConfigurations-SXXXXXXXXXX.tblk-SContents-SResources-Sconfig.ovpn.1_0_1_0_16688.1337.openvpn.log
--cd
/Library/Application Support/Tunnelblick/Users/Cupro/XXXXXXXXXX.tblk/Contents/Resources
--config
/Library/Application Support/Tunnelblick/Users/Cupro/XXXXXXXXXX.tblk/Contents/Resources/config.ovpn
--cd
/Library/Application Support/Tunnelblick/Users/Cupro/XXXXXXXXXX.tblk/Contents/Resources
--management
127.0.0.1
1337
--management-query-passwords
--management-hold
--script-security
2
--up
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -f -ptADGNWradsgnw
--down
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m -w -d -f -ptADGNWradsgnw
2015-02-05 10:03:34 *Tunnelblick: openvpnstart starting OpenVPN
2015-02-05 10:03:35 *Tunnelblick: Established communication with OpenVPN
2015-02-05 10:03:35 OpenVPN 2.3.6 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [PKCS11] [MH] [IPv6] built on Jan 8 2015
2015-02-05 10:03:35 library versions: OpenSSL 1.0.1k 8 Jan 2015, LZO 2.08
2015-02-05 10:03:35 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1337
2015-02-05 10:03:35 Need hold release from management interface, waiting...
2015-02-05 10:03:35 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1337
2015-02-05 10:03:35 MANAGEMENT: CMD 'pid'
2015-02-05 10:03:35 MANAGEMENT: CMD 'state on'
2015-02-05 10:03:35 MANAGEMENT: CMD 'state'
2015-02-05 10:03:35 MANAGEMENT: CMD 'bytecount 1'
2015-02-05 10:03:35 MANAGEMENT: CMD 'hold release'
2015-02-05 10:03:35 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2015-02-05 10:03:35 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2015-02-05 10:03:35 Socket Buffers: R=[196724->65536] S=[9216->65536]
2015-02-05 10:03:35 MANAGEMENT: >STATE:1423127015,RESOLVE,,,
2015-02-05 10:03:36 UDPv4 link local: [undef]
2015-02-05 10:03:36 UDPv4 link remote: [AF_INET]XXX.XXX.XXX.XXX:1194
2015-02-05 10:03:36 MANAGEMENT: >STATE:1423127016,WAIT,,,
2015-02-05 10:03:36 MANAGEMENT: >STATE:1423127016,AUTH,,,
2015-02-05 10:03:36 TLS: Initial packet from [AF_INET]XXX.XXX.XXX.XXX:1194, sid=509d3640 a322aa14
2015-02-05 10:03:36 VERIFY OK: depth=1, C=AT, ST=Vienna, L=Vienna, O=XXXXXXXXXX, emailAddress=XX...@XXXXXXXXX.XXX, CN=XXXXXXXXXX
2015-02-05 10:03:36 VERIFY OK: depth=0, C=AT, ST=Vienna, L=Vienna, O=XXXXXXXXXX, emailAddress=XX...@XXXXXXXXX.XXX, CN=XXXXXXXXXX
2015-02-05 10:03:37 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2015-02-05 10:03:37 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2015-02-05 10:03:37 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2015-02-05 10:03:37 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2015-02-05 10:03:37 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2015-02-05 10:03:37 [XXXXXXXXXX] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.XXX:1194
2015-02-05 10:03:38 MANAGEMENT: >STATE:1423127018,GET_CONFIG,,,
2015-02-05 10:03:39 SENT CONTROL [XXXXXXXXXX]: 'PUSH_REQUEST' (status=1)
2015-02-05 10:03:39 PUSH: Received control message: 'PUSH_REPLY,route 192.168.184.0 255.255.255.0,route 10.0.10.1,topology net30,ping 10,ping-restart 60,ifconfig 10.0.10.6 10.0.10.5'
2015-02-05 10:03:39 OPTIONS IMPORT: timers and/or timeouts modified
2015-02-05 10:03:39 OPTIONS IMPORT: --ifconfig/up options modified
2015-02-05 10:03:39 OPTIONS IMPORT: route options modified
2015-02-05 10:03:39 Opening utun (connect(AF_SYS_CONTROL)): Resource busy
2015-02-05 10:03:39 Opened utun device utun1
2015-02-05 10:03:39 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
2015-02-05 10:03:39 MANAGEMENT: >STATE:1423127019,ASSIGN_IP,,10.0.10.6,
2015-02-05 10:03:39 /sbin/ifconfig utun1 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2015-02-05 10:03:39 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2015-02-05 10:03:39 /sbin/ifconfig utun1 10.0.10.6 10.0.10.5 mtu 1500 netmask 255.255.255.255 up
2015-02-05 10:03:39 /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -m -w -d -f -ptADGNWradsgnw utun1 1500 1542 10.0.10.6 10.0.10.5 init
**********************************************
Start of output from client.up.tunnelblick.sh
No network configuration changes need to be made.
Will NOT monitor for other network configuration changes.
End of output from client.up.tunnelblick.sh
**********************************************
2015-02-05 10:03:41 MANAGEMENT: >STATE:1423127021,ADD_ROUTES,,,
2015-02-05 10:03:41 /sbin/route add -net 192.168.184.0 10.0.10.5 255.255.255.0
2015-02-05 10:03:41 *Tunnelblick: No 'connected.sh' script to execute
add net 192.168.184.0: gateway 10.0.10.5
2015-02-05 10:03:41 /sbin/route add -net 10.0.10.1 10.0.10.5 255.255.255.255
add net 10.0.10.1: gateway 10.0.10.5
2015-02-05 10:03:41 Initialization Sequence Completed
2015-02-05 10:03:41 MANAGEMENT: >STATE:1423127021,CONNECTED,SUCCESS,10.0.10.6,XXX.XXX.XXX.XXX
2015-02-05 10:03:46 *Tunnelblick: This computer's apparent public IP address (81.223.173.126) was unchanged after the connection was made
================================================================================
Console Log:
2015-02-05 09:20:43 WindowServer[130] CGError post_notification(const CGSNotificationType, void *const, const size_t, const bool, const CGSRealTimeDelta, const int, const CGSConnectionID *const, const pid_t): Timed out 0.250 second wait for reply from "Tunnelblick" for synchronous notification type 109 (<unknown>) (CID 0x22403, PID 363)
================================================================================
Non-Apple kexts that are loaded:
Index Refs Address Size Wired Name (Version) <Linked Against>
119 0 0xffffff7f8138d000 0x4000 0x4000 com.protech.NoSleep (1.4.0) <5 4 3>