*Tunnelblick: OS X 10.13.3; Tunnelblick 3.7.4b (build 4921); Admin user
git commit 88763bb2b2bfcc7debb3ddc78cdf5a350722717c
Configuration client
"Sanitized" condensed configuration file for /Users/cyong/Library/Application Support/Tunnelblick/Configurations/client.tblk:
client
dev tap
proto udp
remote XXX.XXX.XXX.XXX 12974
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
cipher AES-128-CBC
comp-lzo
verb 5
script-security 2
up dhcp-client-request.sh
================================================================================
Non-Apple kexts that are loaded:
Index Refs Address Size Wired Name (Version) UUID <Linked Against>
33 0 0xffffff7f85a44000 0x110000 0x110000 com.ni.driver.nipalk (2.9.1) D74E3D96-0578-3E6A-48E5-89EF613CB305 <32 12 5 4 3>
87 0 0xffffff7f811ad000 0x17c000 0x17c000 at.obdev.nke.LittleSnitch (5116) 67B9951B-2573-3684-AC08-396F1B4D8E2A <7 5 4 3 1>
================================================================================
Unusual files in client.tblk:
Contents/Resources/dhcp-client-request.sh
================================================================================
Configuration preferences:
useDNS = 1
-notMonitoringConnection = 0
-routeAllTrafficThroughVpn = 1
-runMtuTest = 0
-useRouteUpInsteadOfUp = 1
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
-keepConnected = 0
-loggingLevel = 3
-lastConnectionSucceeded = 1
-prependDomainNameToSearchDomains = 0
================================================================================
Wildcard preferences:
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
================================================================================
Program preferences:
launchAtNextLogin = 1
tunnelblickVersionHistory = (
"3.7.4b (build 4921)"
)
statusDisplayNumber = 0
lastLaunchTime = 540243573.926268
lastLanguageAtLaunchWasRTL = 0
connectionWindowDisplayCriteria = showWhenConnecting
maxLogDisplaySize = 102400
lastConnectedDisplayName = client
keyboardShortcutIndex = 1
updateCheckAutomatically = 1
NSWindow Frame ConnectingWindow = 525 529 389 187 0 0 1440 877
detailsWindowFrameVersion = 4921
detailsWindowFrame = {{39, 326}, {920, 468}}
detailsWindowLeftFrame = {{0, 0}, {165, 350}}
detailsWindowViewIndex = 0
detailsWindowConfigurationsTabIdentifier = log
leftNavSelectedDisplayName = client
AdvancedWindowTabIdentifier = connectingAndDisconnecting
haveDealtWithOldTunTapPreferences = 1
haveDealtWithOldLoginItem = 1
SUEnableAutomaticChecks = 1
SUScheduledCheckInterval = 86400
SULastCheckTime = 2018-02-13 19:39:34 +0000
SUHasLaunchedBefore = 1
WebKitDefaultFontSize = 16
WebKitStandardFont = Times
================================================================================
Tunnelblick Log:
2018-02-13 13:10:56 *Tunnelblick: openvpnstart starting OpenVPN
*Tunnelblick: OS X 10.13.3; Tunnelblick 3.7.4b (build 4921)
2018-02-13 13:10:56 *Tunnelblick: Attempting connection with client using shadow copy; Set nameserver = 769; monitoring connection
2018-02-13 13:10:56 *Tunnelblick: openvpnstart start client.tblk 1337 769 0 1 0 1098610 -ptADGNWradsgnw 2.4.4-openssl-1.0.2n
2018-02-13 13:10:58 *Tunnelblick: openvpnstart log:
Loading tap-signed.kext
OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.4.4-openssl-1.0.2n/openvpn
--daemon
--log
/Library/Application Support/Tunnelblick/Logs/-SUsers-Scyong-SLibrary-SApplication Support-STunnelblick-SConfigurations-Sclient.tblk-SContents-SResources-Sconfig.ovpn.769_0_1_0_1098610.1337.openvpn.log
--cd
/Library/Application Support/Tunnelblick/Users/cyong/client.tblk/Contents/Resources
--setenv
IV_GUI_VER
"net.tunnelblick.tunnelblick 4921 3.7.4b (build 4921)"
--verb
3
--config
/Library/Application Support/Tunnelblick/Users/cyong/client.tblk/Contents/Resources/config.ovpn
--verb
3
--cd
/Library/Application Support/Tunnelblick/Users/cyong/client.tblk/Contents/Resources
--management
127.0.0.1
1337
--management-query-passwords
--management-hold
--redirect-gateway
def1
--script-security
2
--route-up
/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -a -d -f -m -w -ptADGNWradsgnw
--down
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -a -d -f -m -w -ptADGNWradsgnw
--route-pre-down
/Applications/Tunnelblick.app/Contents/Resources/client.route-pre-down.tunnelblick.sh -9 -a -d -f -m -w -ptADGNWradsgnw
2018-02-13 13:10:57 OpenVPN 2.4.4 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Dec 7 2017
2018-02-13 13:10:57 library versions: OpenSSL 1.0.2n 7 Dec 2017, LZO 2.10
2018-02-13 13:10:57 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1337
2018-02-13 13:10:57 Need hold release from management interface, waiting...
2018-02-13 13:10:58 *Tunnelblick: Established communication with OpenVPN
2018-02-13 13:10:58 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1337
2018-02-13 13:10:58 MANAGEMENT: CMD 'pid'
2018-02-13 13:10:58 MANAGEMENT: CMD 'state on'
2018-02-13 13:10:58 MANAGEMENT: CMD 'state'
2018-02-13 13:10:58 MANAGEMENT: CMD 'bytecount 1'
2018-02-13 13:10:58 MANAGEMENT: CMD 'hold release'
2018-02-13 13:10:58 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2018-02-13 13:10:58 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2018-02-13 13:10:58 MANAGEMENT: >STATE:1518556258,RESOLVE,,,,,,
2018-02-13 13:10:58 TCP/UDP: Preserving recently used remote address: [AF_INET]XXX.XXX.YYY.YYY:12974
2018-02-13 13:10:58 Socket Buffers: R=[196724->196724] S=[9216->9216]
2018-02-13 13:10:58 UDP link local: (not bound)
2018-02-13 13:10:58 UDP link remote: [AF_INET]XXX.XXX.YYY.YYY:12974
2018-02-13 13:10:58 MANAGEMENT: >STATE:1518556258,WAIT,,,,,,
2018-02-13 13:10:58 MANAGEMENT: >STATE:1518556258,AUTH,,,,,,
2018-02-13 13:10:58 TLS: Initial packet from [AF_INET]XXX.XXX.YYY.YYY:12974, sid=a1d6f7ba 1e18a3cb
2018-02-13 13:10:58 VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=netgear, OU=netgear, CN=netgear CA, name=EasyRSA, emailAddress=mail@netgear
2018-02-13 13:10:58 VERIFY OK: depth=0, C=TW, ST=TW, L=Taipei, O=netgear, OU=netgear, CN=server, name=EasyRSA, emailAddress=mail@netgear
2018-02-13 13:10:58 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
2018-02-13 13:10:58 [server] Peer Connection Initiated with [AF_INET]XXX.XXX.YYY.YYY:12974
2018-02-13 13:10:59 Key [AF_INET]XXX.XXX.YYY.YYY:12974 [0] not initialized (yet), dropping packet.
2018-02-13 13:10:59 MANAGEMENT: >STATE:1518556259,GET_CONFIG,,,,,,
2018-02-13 13:10:59 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2018-02-13 13:10:59 PUSH: Received control message: 'PUSH_REPLY,ping 10,ping-restart 120,route-delay 10,route-gateway 192.168.1.1,redirect-gateway def1'
2018-02-13 13:10:59 OPTIONS IMPORT: timers and/or timeouts modified
2018-02-13 13:10:59 OPTIONS IMPORT: route options modified
2018-02-13 13:10:59 OPTIONS IMPORT: route-related options modified
2018-02-13 13:10:59 Outgoing Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
2018-02-13 13:10:59 Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
2018-02-13 13:10:59 Incoming Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
2018-02-13 13:10:59 Incoming Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
2018-02-13 13:10:59 TUN/TAP device /dev/tap0 opened
2018-02-13 13:10:59 dhcp-client-request.sh tap0 1500 1590 init
2018-02-13 13:11:09 /sbin/route add -net XXX.XXX.YYY.YYY 10.75.224.1 255.255.255.255
add net XXX.XXX.YYY.YYY: gateway 10.75.224.1
2018-02-13 13:11:09 /sbin/route add -net 0.0.0.0 192.168.1.1 128.0.0.0
add net 0.0.0.0: gateway 192.168.1.1
2018-02-13 13:11:09 /sbin/route add -net 128.0.0.0 192.168.1.1 128.0.0.0
add net 128.0.0.0: gateway 192.168.1.1
**********************************************
Start of output from client.up.tunnelblick.sh
NOTE: No network configuration changes need to be made.
WARNING: Will NOT monitor for other network configuration changes.
DNS servers 'ZZZ.ZZZ.ZZZ.ZZZ ZZZ.ZZZ.ZZZ.ZZY' will be used for DNS queries when the VPN is active
The DNS servers include only free public DNS servers known to Tunnelblick.
Flushed the DNS cache via dscacheutil
/usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
Notified mDNSResponder that the DNS cache was flushed
End of output from client.up.tunnelblick.sh
**********************************************
2018-02-13 13:11:11 *Tunnelblick: No 'connected.sh' script to execute
2018-02-13 13:11:11 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2018-02-13 13:11:11 Initialization Sequence Completed
2018-02-13 13:11:11 MANAGEMENT: >STATE:1518556271,CONNECTED,SUCCESS,,XXX.XXX.YYY.YYY,12974,,
2018-02-13 13:11:30 *Tunnelblick: Disconnecting; VPN Details… window disconnect button pressed
2018-02-13 13:11:31 *Tunnelblick: No 'pre-disconnect.sh' script to execute
2018-02-13 13:11:31 *Tunnelblick: Disconnecting using 'kill'
2018-02-13 13:11:31 event_wait : Interrupted system call (code=4)
2018-02-13 13:11:31 /Applications/Tunnelblick.app/Contents/Resources/client.route-pre-down.tunnelblick.sh -9 -a -d -f -m -w -ptADGNWradsgnw tap0 1500 1590 init
**********************************************
Start of output from client.route-pre-down.tunnelblick.sh
WARNING: No saved Tunnelblick DNS configuration found; not doing anything.
End of output from client.route-pre-down.tunnelblick.sh
**********************************************
2018-02-13 13:11:32 /sbin/route delete -net XXX.XXX.YYY.YYY 10.75.224.1 255.255.255.255
delete net XXX.XXX.YYY.YYY: gateway 10.75.224.1
2018-02-13 13:11:32 /sbin/route delete -net 0.0.0.0 192.168.1.1 128.0.0.0
delete net 0.0.0.0: gateway 192.168.1.1
2018-02-13 13:11:32 /sbin/route delete -net 128.0.0.0 192.168.1.1 128.0.0.0
delete net 128.0.0.0: gateway 192.168.1.1
2018-02-13 13:11:32 Closing TUN/TAP interface
2018-02-13 13:11:32 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -a -d -f -m -w -ptADGNWradsgnw tap0 1500 1590 init
**********************************************
Start of output from client.down.tunnelblick.sh
WARNING: Not restoring DNS settings because no saved Tunnelblick DNS information was found.
Flushed the DNS cache via dscacheutil
/usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
Notified mDNSResponder that the DNS cache was flushed
End of output from client.down.tunnelblick.sh
**********************************************
2018-02-13 13:11:33 SIGTERM[hard,] received, process exiting
2018-02-13 13:11:33 MANAGEMENT: >STATE:1518556293,EXITING,SIGTERM,,,,,
2018-02-13 13:11:34 *Tunnelblick: No 'post-disconnect.sh' script to execute
2018-02-13 13:11:34 *Tunnelblick: Expected disconnection occurred.
================================================================================
"Sanitized" full configuration file
client
dev tap
proto udp
remote XXX.XXX.XXX.XXX 12974
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
cipher AES-128-CBC
comp-lzo
verb 5
script-security 2
up dhcp-client-request.sh
================================================================================
ifconfig output:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
nd6 options=201<PERFORMNUD,DAD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
XHC20: flags=0<> mtu 0
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether b8:e8:56:1a:6b:8c
inet6 fe80::1c22:6eba:6337:5350%en0 prefixlen 64 secured scopeid 0x5
inet 10.75.229.24 netmask 0xfffff800 broadcast 10.75.231.255
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
ether 0a:e8:56:1a:6b:8c
media: autoselect
status: inactive
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1484
ether 5e:69:ba:42:15:29
inet6 fe80::5c69:baff:fe42:1529%awdl0 prefixlen 64 scopeid 0x7
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
en1: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=60<TSO4,TSO6>
ether 32:00:1b:e5:80:00
media: autoselect <full-duplex>
status: inactive
bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=63<RXCSUM,TXCSUM,TSO4,TSO6>
ether 32:00:1b:e5:80:00
Configuration:
id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
ipfilter disabled flags 0x2
member: en1 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 8 priority 0 path cost 0
nd6 options=201<PERFORMNUD,DAD>
media: <unknown type>
status: inactive
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
inet6 fe80::70a9:294e:2042:21d8%utun0 prefixlen 64 scopeid 0xa
nd6 options=201<PERFORMNUD,DAD>
utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
inet6 fe80::a93d:b8e4:d137:2063%utun1 prefixlen 64 scopeid 0xc
nd6 options=201<PERFORMNUD,DAD>
================================================================================
Console Log:
2018-02-13 11:19:44 Tunnelblick[14917] startDisconnectingUserKnows: while already disconnecting 'client'; OpenVPN state = 'DISCONNECTING'
2018-02-13 11:19:45 Tunnelblick[14917] startDisconnectingUserKnows: while already disconnecting 'client'; OpenVPN state = 'DISCONNECTING'
2018-02-13 11:19:45 Tunnelblick[14917] startDisconnectingUserKnows: while already disconnecting 'client'; OpenVPN state = 'DISCONNECTING'
2018-02-13 11:19:45 Tunnelblick[14917] startDisconnectingUserKnows: while already disconnecting 'client'; OpenVPN state = 'DISCONNECTING'
2018-02-13 11:19:46 Tunnelblick[14917] startDisconnectingUserKnows: while already disconnecting 'client'; OpenVPN state = 'DISCONNECTING'
2018-02-13 11:19:56 Tunnelblick[14917] startDisconnectingUserKnows: while already disconnecting 'client'; OpenVPN state = 'RECONNECTING'
2018-02-13 11:22:38 Tunnelblick[14917] applicationShouldTerminate: termination because of restart; delayed until 'shutdownTunnelblick' finishes
2018-02-13 11:22:38 Tunnelblick[14917] Finished shutting down Tunnelblick; allowing termination
2018-02-13 11:23:36 Tunnelblick[395] Tunnelblick: OS X 10.13.3; Tunnelblick 3.7.4b (build 4921)
2018-02-13 11:31:58 Tunnelblick[886] Tunnelblick: OS X 10.13.3; Tunnelblick 3.7.4b (build 4921)
2018-02-13 11:31:59 Tunnelblick[886] Sparkle: ===== Tunnelblick =====
2018-02-13 11:31:59 Tunnelblick[886] Sparkle: Verified appcast signature
2018-02-13 11:39:17 Tunnelblick[886] applicationShouldTerminate: termination because of Quit; delayed until 'shutdownTunnelblick' finishes
2018-02-13 11:39:18 Tunnelblick[886] Finished shutting down Tunnelblick; allowing termination
2018-02-13 11:39:33 Tunnelblick[1015] Tunnelblick: OS X 10.13.3; Tunnelblick 3.7.4b (build 4921)
2018-02-13 11:39:34 Tunnelblick[1015] Sparkle: ===== Tunnelblick =====
2018-02-13 11:39:34 Tunnelblick[1015] Sparkle: Verified appcast signature
2018-02-13 11:39:53 Tunnelblick[1015] Using icon set 'TunnelBlick-black-white.TBMenuIcons' without Retina images
2018-02-13 11:50:49 tunnelblickd[1128] Status = 1 from tunnelblick-helper command 'down 2'
2018-02-13 11:50:49 Tunnelblick[1015] tunnelblickd status from down: 1
tunnelblickd stdout:
'Executing client.2.down.tunnelblick.sh in /Applications/Tunnelblick.app/Contents/Resources...
client.2.down.tunnelblick.sh returned with status 1
'