Upgraded MBP to MacOS 10.14.6 and Tunnelblick stopped working

kdlin1

unread,

Sep 14, 2019, 12:35:27 AM9/14/19

to tunnelblick-discuss

Hi,

I upgraded my MacbookPro from 10.14.5 to 10.14.6 and then Tunnelblick immediately stopped working. It worked fine before the MacOS upgrade. I downloaded the latest Tunnelblick Beta software and it still does not work. Please help.

David

PS. I followed the instruction and pasted the log as below:

*Tunnelblick: macOS XXX.14.6 (18G95); Tunnelblick 3.8.2beta01 (build 5410); prior version 3.8.0 (build 5370); Admin user

git commit b6dc395734e6264dc5a68d6f630a2e44663c1c16

Configuration fw01-TCP4-443-david_MBP_2019_08_01-config

"Sanitized" condensed configuration file for /Users/davidlin/Library/Application Support/Tunnelblick/Configurations/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk:

dev tun

persist-tun

persist-key

cipher AES-256-CBC

ncp-ciphers AES-128-GCM:AES-256-GCM

auth SHA1

tls-client

client

resolv-retry infinite

remote XXX.XXX.XX.XX 443 tcp-client

setenv opt block-outside-dns

lport 0

verify-x509-name "vpn.XXX.com" name

remote-cert-tls server

comp-lzo adaptive

<ca>

[Security-related line(s) omitted]

</ca>

<cert>

[Security-related line(s) omitted]

</cert>

<key>

[Security-related line(s) omitted]

</key>

key-direction 1

<tls-auth>

[Security-related line(s) omitted]

</tls-auth>

================================================================================

Files in fw01-TCP4-443-david_MBP_2019_08_01-config.tblk:

Contents/Resources/config.ovpn

================================================================================

Configuration preferences:

-routeAllTrafficThroughVpn = 0

-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0

-keepConnected = 1

-doNotDisableIpv6onTun = 0

-allowChangesToManuallySetNetworkSettings = 0

-lastConnectionSucceeded = 1

-prependDomainNameToSearchDomains = 0

================================================================================

Wildcard preferences:

-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0

================================================================================

Program preferences:

launchAtNextLogin = 1

tunnelblickVersionHistory = (

"3.8.2beta01 (build 5410)",

"3.8.1beta02 (build 5390)",

"3.8.0 (build 5370)"

)

statusDisplayNumber = 0

lastLaunchTime = 590122259.157147

lastLanguageAtLaunchWasRTL = 0

connectionWindowDisplayCriteria = showWhenConnecting

maxLogDisplaySize = 102400

lastConnectedDisplayName = fw01-TCP4-443-david_MBP_2019_08_01-config

keyboardShortcutIndex = 1

updateCheckAutomatically = 1

NSWindow Frame SettingsSheetWindow = -833 253 829 524 -1920 0 1920 1177

NSWindow Frame ConnectingWindow = 765 742 389 187 0 0 1920 1177

NSWindow Frame SUUpdateAlert = 1443 768 620 392 0 0 3440 1417

detailsWindowFrameVersion = 5410

detailsWindowFrame = {{7, 488}, {920, 468}}

detailsWindowLeftFrame = {{0, 0}, {167, 350}}

detailsWindowViewIndex = 0

detailsWindowConfigurationsTabIdentifier = settings

leftNavSelectedDisplayName = fw01-TCP4-443-david_MBP_2019_08_01-config

AdvancedWindowTabIdentifier = sounds

haveDealtWithOldTunTapPreferences = 1

haveDealtWithOldLoginItem = 1

haveDealtWithAfterDisconnect = 1

SUEnableAutomaticChecks = 1

SUScheduledCheckInterval = 86400

SULastCheckTime = 2019-09-14 02:50:59 +0000

SUHasLaunchedBefore = 1

WebKitDefaultFontSize = 16

WebKitStandardFont = Times

================================================================================

Tunnelblick Log:

2019-09-13 20:44:XXX.134221 *Tunnelblick: macOS XXX.14.6 (18G95); Tunnelblick 3.8.2beta01 (build 5410); prior version 3.8.0 (build 5370)

2019-09-13 20:44:XXX.614730 *Tunnelblick: Attempting connection with fw01-TCP4-443-david_MBP_2019_08_01-config using shadow copy; Set nameserver = 7XXX; monitoring connection

2019-09-13 20:44:XXX.614922 *Tunnelblick: openvpnstart start fw01-TCP4-443-david_MBP_2019_08_01-config.tblk 56794 7XXX 0 1 0 1098032 -ptADGNWradsgnw 2.4.7-openssl-1.0.2t

2019-09-13 20:44:XXX.631579 *Tunnelblick: openvpnstart starting OpenVPN

2019-09-13 20:44:XXX.816197 Unrecognized option or missing or extra parameter(s) in /Library/Application Support/Tunnelblick/Users/davidlin/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk/Contents/Resources/config.ovpn:11: block-outside-dns (2.4.7)

2019-09-13 20:44:XXX.816458 OpenVPN 2.4.7 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Sep 11 2019

2019-09-13 20:44:XXX.816477 library versions: OpenSSL 1.0.2t 10 Sep 2019, LZO 2.10

2019-09-13 20:44:XXX.817326 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:56794

2019-09-13 20:44:XXX.817358 Need hold release from management interface, waiting...

2019-09-13 20:44:11.237223 *Tunnelblick: openvpnstart log:

OpenVPN started successfully.

Command used to start OpenVPN (one argument per displayed line):

/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.4.7-openssl-1.0.2t/openvpn

--daemon

--log /Library/Application Support/Tunnelblick/Logs/-SUsers-Sdavidlin-SLibrary-SApplication Support-STunnelblick-SConfigurations-Sfw01--TCP4--443--david_MBP_2019_08_01--config.tblk-SContents-SResources-Sconfig.ovpn.7XXX_0_1_0_1098032.56794.openvpn.log

--cd /Library/Application Support/Tunnelblick/Users/davidlin/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk/Contents/Resources

--machine-readable-output

--setenv IV_GUI_VER "net.tunnelblick.tunnelblick 5410 3.8.2beta01 (build 5410)"

--verb 3

--config /Library/Application Support/Tunnelblick/Users/davidlin/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk/Contents/Resources/config.ovpn

--setenv TUNNELBLICK_CONFIG_FOLDER /Library/Application Support/Tunnelblick/Users/davidlin/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk/Contents/Resources

--verb 3

--cd /Library/Application Support/Tunnelblick/Users/davidlin/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk/Contents/Resources

--management 127.0.0.1 56794 /Library/Application Support/Tunnelblick/egdafllmmfjibonlkkgdnkoapdgdpgjncjnppifh.mip

--management-query-passwords

--management-hold

--script-security 2

--route-up /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw

--down /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw

2019-09-13 20:44:11.243099 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:56794

2019-09-13 20:44:11.299178 MANAGEMENT: CMD 'pid'

2019-09-13 20:44:11.299219 MANAGEMENT: CMD 'auth-retry interact'

2019-09-13 20:44:11.299238 MANAGEMENT: CMD 'state on'

2019-09-13 20:44:11.299254 MANAGEMENT: CMD 'state'

2019-09-13 20:44:11.299281 MANAGEMENT: CMD 'bytecount 1'

2019-09-13 20:44:11.299860 *Tunnelblick: Established communication with OpenVPN

2019-09-13 20:44:11.300753 *Tunnelblick: >INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info

2019-09-13 20:44:11.303646 MANAGEMENT: CMD 'hold release'

2019-09-13 20:44:11.303809 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2019-09-13 20:44:11.304397 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication

2019-09-13 20:44:11.304411 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication

2019-09-13 20:44:11.304906 TCP/UDP: Preserving recently used remote address: [AF_INETXXX.XXX.XX.XX:443

2019-09-13 20:44:11.304947 Socket Buffers: R=[131072->131072] S=[131072->131072]

2019-09-13 20:44:11.304967 Attempting to establish TCP connection with [AF_INETXXX.XXX.XX.XX:443 [nonblock]

2019-09-13 20:44:11.304978 MANAGEMENT: >STATE:1568432651,TCP_CONNECT,,,,,,

2019-09-13 20:44:12.379502 TCP connection established with [AF_INETXXX.XXX.XX.XX:443

2019-09-13 20:44:12.379585 TCP_CLIENT link local (bound): [AF_INET][undef]:0

2019-09-13 20:44:12.379615 TCP_CLIENT link remote: [AF_INETXXX.XXX.XX.XX:443

2019-09-13 20:44:12.379674 MANAGEMENT: >STATE:1568432652,WAIT,,,,,,

2019-09-13 20:44:12.395521 MANAGEMENT: >STATE:1568432652,AUTH,,,,,,

2019-09-13 20:44:12.395637 TLS: Initial packet from [AF_INETXXX.XXX.XX.XX:443, sid=02583dfd 215be55c

2019-09-13 20:44:12.438037 VERIFY OK: depth=1, C=US, ST=California, L=XXX, O=XXX, emailAddress=ad...@XXX.com, CN=internal-vpn-ca

2019-09-13 20:44:12.438478 VERIFY KU OK

2019-09-13 20:44:12.438510 Validating certificate extended key usage

2019-09-13 20:44:12.438528 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication

2019-09-13 20:44:12.438541 VERIFY EKU OK

2019-09-13 20:44:12.438553 VERIFY X509NAME OK: C=US, ST=California, L=XXX, O=XXX, emailAddress=ad...@XXX.com, CN=vpn.XXX.com

2019-09-13 20:44:12.438565 VERIFY OK: depth=0, C=US, ST=California, L=XXX, O=XXX, emailAddress=ad...@XXX.com, CN=vpn.XXX.com

2019-09-13 20:44:12.502644 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA

2019-09-13 20:44:12.502760 [vpn.XXX.com] Peer Connection Initiated with [AF_INETXXX.XXX.XX.XX:443

2019-09-13 20:44:13.6XXX972 MANAGEMENT: >STATE:1568432653,GET_CONFIG,,,,,,

2019-09-13 20:44:13.670114 SENT CONTROL [vpn.XXX.com]: 'PUSH_REQUEST' (status=1)

2019-09-13 20:44:13.XXX9412 PUSH: Received control message: 'PUSH_REPLY,route XXX.XXX.XX.X 255.255.255.0,route XXX.XXX.XX.X 255.255.255.0,dhcp-option DOMAIN XXX.com,dhcp-option DNS XXX.XXX.XX.X,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,register-dns,dhcp-option NTP XXX.XXX.77.16,route-gateway XXX.168.77.1,topology subnet,ping 10,ping-restart 60,ifconfig XXX.168.77.9 255.255.255.0,peer-id 0,cipher AES-128-GCM'

2019-09-13 20:44:13.XXX9612 Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:7: register-dns (2.4.7)

2019-09-13 20:44:13.XXX9704 OPTIONS IMPORT: timers and/or timeouts modified

2019-09-13 20:44:13.XXX9728 OPTIONS IMPORT: --ifconfig/up options modified

2019-09-13 20:44:13.XXX9746 OPTIONS IMPORT: route options modified

2019-09-13 20:44:13.XXX9807 OPTIONS IMPORT: route-related options modified

2019-09-13 20:44:13.XXX9820 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified

2019-09-13 20:44:13.XXX9831 OPTIONS IMPORT: peer-id set

2019-09-13 20:44:13.XXX9843 OPTIONS IMPORT: adjusting link_mtu to 1627

2019-09-13 20:44:13.XXX9853 OPTIONS IMPORT: data channel crypto options modified

2019-09-13 20:44:13.XXX9867 Data Channel: using negotiated cipher 'AES-128-GCM'

2019-09-13 20:44:13.700028 Outgoing Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key

2019-09-13 20:44:13.700047 Incoming Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key

2019-09-13 20:44:13.700433 Opening utun (connect(AF_SYS_CONTROL)): Resource busy (errno=16)

2019-09-13 20:44:13.700460 Opening utun (connect(AF_SYS_CONTROL)): Resource busy (errno=16)

2019-09-13 20:44:13.700551 Opened utun device utun2

2019-09-13 20:44:13.700573 MANAGEMENT: >STATE:1568432653,ASSIGN_IP,,XXX.168.77.9,,,,

2019-09-13 20:44:13.700606 /sbin/ifconfig utun2 delete

ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address

2019-09-13 20:44:13.704267 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure

2019-09-13 20:44:13.704327 /sbin/ifconfig utun2 XXX.168.77.9 XXX.168.77.9 netmask 255.255.255.0 mtu 1500 up

2019-09-13 20:44:13.707355 /sbin/route add -net XXX.168.77.0 XXX.168.77.9 255.255.255.0

add net XXX.168.XX.X: gateway XXX.168.77.9

2019-09-13 20:44:13.709788 MANAGEMENT: >STATE:1568432653,ADD_ROUTES,,,,,,

2019-09-13 20:44:13.709833 /sbin/route add -net XXX.XXX.77.0 XXX.168.77.1 255.255.255.0

add net XXX.XXX.77.0: gateway XXX.168.77.1

2019-09-13 20:44:13.712197 /sbin/route add -net XXX.XXX.78.0 XXX.168.77.1 255.255.255.0

add net XXX.XXX.78.0: gateway XXX.168.77.1

20:44:13 *Tunnelblick: **********************************************

20:44:13 *Tunnelblick: Start of output from client.up.tunnelblick.sh

20:44:16 *Tunnelblick: Disabled IPv6 for 'Thunderbolt Ethernet Slot 1'

20:44:16 *Tunnelblick: Disabled IPv6 for 'iPhone USB'

20:44:16 *Tunnelblick: Disabled IPv6 for 'Wi-Fi'

20:44:16 *Tunnelblick: Disabled IPv6 for 'Bluetooth PAN'

20:44:16 *Tunnelblick: Disabled IPv6 for 'Thunderbolt Bridge'

20:44:16 *Tunnelblick: WARNING: 'foreign_option_5' = 'dhcp-option NTP XXX.XXX.77.16' ignored

20:44:16 *Tunnelblick: Retrieved from OpenVPN: name server(s) [ XXX.XXX.77.5 8.8.8.8 8.8.4.4 ], domain name [ XXX.com ], search domain(s) [ ], and SMB server(s) [ ]

20:44:16 *Tunnelblick: WARNING: Ignoring ServerAddresses 'XXX.XXX.77.5 8.8.8.8 8.8.4.4' because ServerAddresses was set manually and '-allowChangesToManuallySetNetworkSettings' was not specified

20:44:16 *Tunnelblick: Setting search domains to ‘XXX.com' because the search domains were not set manually (or are allowed to be changed) and 'Prepend domain name to search domains' was not selected

20:44:17 *Tunnelblick: Saved the DNS and SMB configurations so they can be restored

20:44:17 *Tunnelblick: Did not change DNS ServerAddresses setting of 'XXX.XXX.1.1 8.8.8.8 XXX.XXX.77.5' (but re-set it)

20:44:17 *Tunnelblick: Changed DNS SearchDomains setting from '' to ‘XXX.com'

20:44:17 *Tunnelblick: Changed DNS DomainName setting from 'home' to ‘XXX.com'

20:44:17 *Tunnelblick: Did not change SMB NetBIOSName setting of ''

20:44:17 *Tunnelblick: Did not change SMB Workgroup setting of ''

20:44:17 *Tunnelblick: Did not change SMB WINSAddresses setting of ''

20:44:17 *Tunnelblick: DNS servers 'XXX.XXX.1.1 8.8.8.8 XXX.XXX.77.5' were set manually

20:44:17 *Tunnelblick: DNS servers 'XXX.XXX.1.1 8.8.8.8 XXX.XXX.77.5' will be used for DNS queries when the VPN is active

20:44:17 *Tunnelblick: NOTE: The DNS servers include one or more free public DNS servers known to Tunnelblick and one or more DNS servers not known to Tunnelblick. If used, the DNS servers not known to Tunnelblick may cause DNS queries to fail or be intercepted or falsified even if they are directed through the VPN. Specify only known public DNS servers or DNS servers located on the VPN network to avoid such problems.

20:44:17 *Tunnelblick: Flushed the DNS cache via dscacheutil

20:44:17 *Tunnelblick: /usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil

20:44:17 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushed

20:44:17 *Tunnelblick: Not notifying mDNSResponderHelper that the DNS cache was flushed because it is not running

20:44:17 *Tunnelblick: Setting up to monitor system configuration with process-network-changes

20:44:17 *Tunnelblick: End of output from client.up.tunnelblick.sh

20:44:17 *Tunnelblick: **********************************************

2019-09-13 20:44:17.7XXX618 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this

2019-09-13 20:44:17.7XXX645 Initialization Sequence Completed

2019-09-13 20:44:17.7XXX683 MANAGEMENT: >STATE:1568432657,CONNECTED,SUCCESS,XXX.168.77.9,XXX.135.66.66,443,XXX.XXX.1.73,61542

2019-09-13 20:44:17.986XXX9 *Tunnelblick: Warning: DNS server address XXX.XXX.1.1 is not a public IP address and is not being routed through the VPN.

2019-09-13 20:44:18.092818 *Tunnelblick: DNS address XXX.XXX.77.5 is being routed through the VPN

2019-09-13 20:44:18.198985 *Tunnelblick: Warning: DNS server address 75.75.75.75 is not a public DNS server known to Tunnelblick and is not being routed through the VPN

2019-09-13 20:44:18.301972 *Tunnelblick: Warning: DNS server address 75.75.76.76 is not a public DNS server known to Tunnelblick and is not being routed through the VPN

2019-09-13 20:44:18.408545 *Tunnelblick: Warning: DNS server Address 8.8.8.8 is a known public DNS server but is not being routed through the VPN

2019-09-13 20:44:22.357600 *Tunnelblick: process-network-changes: A system configuration change was ignored

2019-09-13 20:44:24.373500 *Tunnelblick: This computer's apparent public IP address changed from XXX:8e12:3948:e272:56cb:c6de before connection to XXX.XX.YY.141.29 after connection

2019-09-13 20:57:03.453058 *Tunnelblick: Disconnecting; VPN Details… window disconnect button pressed

2019-09-13 20:57:03.760290 *Tunnelblick: Disconnecting using 'kill'

2019-09-13 20:57:03.925012 event_wait : Interrupted system call (code=4)

2019-09-13 20:57:03.925406 /sbin/route delete -net XXX.XXX.77.0 XXX.168.77.1 255.255.255.0

delete net XXX.XXX.77.0: gateway XXX.168.77.1

2019-09-13 20:57:03.928458 /sbin/route delete -net XXX.XXX.78.0 XXX.168.77.1 255.255.255.0

delete net XXX.XXX.78.0: gateway XXX.168.77.1

2019-09-13 20:57:03.930366 Closing TUN/TAP interface

2019-09-13 20:57:03.930756 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw utun2 1500 1555 XXX.168.77.9 255.255.255.0 init

20:57:03 *Tunnelblick: **********************************************

20:57:03 *Tunnelblick: Start of output from client.down.tunnelblick.sh

20:57:04 *Tunnelblick: Cancelled monitoring system configuration changes

20:57:04 *Tunnelblick: Restored State:DNS

20:57:04 *Tunnelblick: Restored Setup:DNS

20:57:04 *Tunnelblick: Restored DNS and SMB settings

20:57:04 *Tunnelblick: Re-enabled IPv6 (automatic) for "Thunderbolt Ethernet Slot 1"

20:57:04 *Tunnelblick: Re-enabled IPv6 (automatic) for "iPhone USB"

20:57:04 *Tunnelblick: Re-enabled IPv6 (automatic) for "Wi-Fi"

20:57:04 *Tunnelblick: Re-enabled IPv6 (automatic) for "Bluetooth PAN"

20:57:04 *Tunnelblick: Re-enabled IPv6 (automatic) for "Thunderbolt Bridge"

20:57:04 *Tunnelblick: Flushed the DNS cache with dscacheutil -flushcache

20:57:04 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushed

20:57:04 *Tunnelblick: End of output from client.down.tunnelblick.sh

20:57:04 *Tunnelblick: **********************************************

2019-09-13 20:57:04.364600 SIGTERM[hard,] received, process exiting

2019-09-13 20:57:04.364641 MANAGEMENT: >STATE:1568433424,EXITING,SIGTERM,,,,,

2019-09-13 20:57:04.729756 *Tunnelblick: Expected disconnection occurred.

================================================================================

Down log:

20:57:03 *Tunnelblick: **********************************************

20:57:03 *Tunnelblick: Start of output from client.down.tunnelblick.sh

20:57:04 *Tunnelblick: Cancelled monitoring system configuration changes

20:57:04 *Tunnelblick: Restored State:DNS

20:57:04 *Tunnelblick: Restored Setup:DNS

20:57:04 *Tunnelblick: Removed State:SMB

20:57:04 *Tunnelblick: Restored DNS and SMB settings

20:57:04 *Tunnelblick: Re-enabled IPv6 (automatic) for "Thunderbolt Ethernet Slot 1"

20:57:04 *Tunnelblick: Re-enabled IPv6 (automatic) for "iPhone USB"

20:57:04 *Tunnelblick: Re-enabled IPv6 (automatic) for "Wi-Fi"

20:57:04 *Tunnelblick: Re-enabled IPv6 (automatic) for "Bluetooth PAN"

20:57:04 *Tunnelblick: Re-enabled IPv6 (automatic) for "Thunderbolt Bridge"

20:57:04 *Tunnelblick: Flushed the DNS cache with dscacheutil -flushcache

20:57:04 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushed

20:57:04 *Tunnelblick: End of output from client.down.tunnelblick.sh

20:57:04 *Tunnelblick: **********************************************

================================================================================

Previous down log:

20:42:10 *Tunnelblick: **********************************************

20:42:10 *Tunnelblick: Start of output from client.down.tunnelblick.sh

20:42:10 *Tunnelblick: Cancelled monitoring system configuration changes

20:42:10 *Tunnelblick: Restored State:DNS

20:42:10 *Tunnelblick: Restored Setup:DNS

20:42:10 *Tunnelblick: Removed State:SMB

20:42:10 *Tunnelblick: Restored DNS and SMB settings

20:42:10 *Tunnelblick: Re-enabled IPv6 (automatic) for "Thunderbolt Ethernet Slot 1"

20:42:10 *Tunnelblick: Re-enabled IPv6 (automatic) for "iPhone USB"

20:42:10 *Tunnelblick: Re-enabled IPv6 (automatic) for "Wi-Fi"

20:42:10 *Tunnelblick: Re-enabled IPv6 (automatic) for "Bluetooth PAN"

20:42:10 *Tunnelblick: Re-enabled IPv6 (automatic) for "Thunderbolt Bridge"

20:42:10 *Tunnelblick: Flushed the DNS cache with dscacheutil -flushcache

20:42:10 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushed

20:42:10 *Tunnelblick: End of output from client.down.tunnelblick.sh

20:42:10 *Tunnelblick: **********************************************

================================================================================

Network services:

An asterisk (*) denotes that a network service is disabled.

Thunderbolt Ethernet Slot 1

iPhone USB

Wi-Fi

Bluetooth PAN

Thunderbolt Bridge

Wi-Fi Power (en0): On

================================================================================

ifconfig output:

lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384

options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>

inet 127.0.0.1 netmask 0xff000000

inet6 ::1 prefixlen 128

inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1

nd6 options=201<PERFORMNUD,DAD>

gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280

stf0: flags=0<> mtu 1280

XHC4: flags=0<> mtu 0

XHC20: flags=0<> mtu 0

XHC2: flags=0<> mtu 0

VHC128: flags=0<> mtu 0

en5: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500

ether ac:de:48:00:11:22

inet6 fe80::aede:48ff:fe00:1122%en5 prefixlen 64 scopeid 0xc

nd6 options=201<PERFORMNUD,DAD>

media: autoselect (100baseTX <full-duplex>)

status: active

ap1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500

ether a6:83:e7:2e:c8:a1

media: autoselect

status: inactive

en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500

ether a4:83:e7:2e:c8:a1

inet XXX.233.65.XXX netmask 0xfffc0000 broadcast XXX.235.255.255

inet6 fe80::6:2b66:d455:f335%en0 prefixlen 64 secured scopeid 0xe

inet6 XXX:8e12:c71:cb0:f6ca:25a1 prefixlen 64 autoconf secured

inet6 XXX:8e12:4c70:b408:b33c:8216 prefixlen 64 autoconf temporary

nd6 options=201<PERFORMNUD,DAD>

media: autoselect

status: active

p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304

ether 06:83:e7:2e:c8:a1

media: autoselect

status: inactive

awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1484

ether a6:97:c4:1e:a0:78

inet6 fe80::a497:c4ff:fe1e:a078%awdl0 prefixlen 64 scopeid 0x10

nd6 options=201<PERFORMNUD,DAD>

media: autoselect

status: active

en1: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500

options=60<TSO4,TSO6>

ether 9e:00:78:32:66:01

media: autoselect <full-duplex>

status: inactive

en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500

options=60<TSO4,TSO6>

ether 9e:00:78:32:66:00

media: autoselect <full-duplex>

status: inactive

en3: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500

options=60<TSO4,TSO6>

ether 9e:00:78:32:66:05

media: autoselect <full-duplex>

status: inactive

en4: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500

options=60<TSO4,TSO6>

ether 9e:00:78:32:66:04

media: autoselect <full-duplex>

status: inactive

bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500

options=63<RXCSUM,TXCSUM,TSO4,TSO6>

ether 9e:00:78:32:66:01

Configuration:

id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0

maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200

root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0

ipfilter disabled flags 0x2

member: en1 flags=3<LEARNING,DISCOVER>

ifmaxaddr 0 port 17 priority 0 path cost 0

member: en2 flags=3<LEARNING,DISCOVER>

ifmaxaddr 0 port 18 priority 0 path cost 0

member: en3 flags=3<LEARNING,DISCOVER>

ifmaxaddr 0 port 19 priority 0 path cost 0

member: en4 flags=3<LEARNING,DISCOVER>

ifmaxaddr 0 port 20 priority 0 path cost 0

nd6 options=201<PERFORMNUD,DAD>

media: <unknown type>

status: inactive

utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000

inet6 fe80::1744:bXXX:dd4f:78b8%utun0 prefixlen 64 scopeid 0x16

nd6 options=201<PERFORMNUD,DAD>

utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380

inet6 fe80::5350:62:246e:22e9%utun1 prefixlen 64 scopeid 0x17

nd6 options=201<PERFORMNUD,DAD>

XHC1: flags=0<> mtu 0

XHC0: flags=0<> mtu 0

XHC3: flags=0<> mtu 0

en8: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500

options=b<RXCSUM,TXCSUM,VLAN_HWTAGGING>

ether 00:50:b6:9c:6b:83

inet XXX.XXX.1.73 netmask 0xffffff00 broadcast XXX.XXX.1.255

inet6 fe80::1c20:e5f5:dc9:956b%en8 prefixlen 64 secured scopeid 0xb

nd6 options=201<PERFORMNUD,DAD>

media: autoselect (1000baseT <full-duplex,flow-control>)

status: active

================================================================================

Non-Apple kexts that are loaded:

Index Refs Address Size Wired Name (Version) UUID <Linked Against>

================================================================================

Quit Log:

2019-09-13 19:50:46.016355 applicationShouldTerminate: termination because of Quit; delayed until 'shutdownTunnelblick' finishes)

2019-09-13 19:50:46.050370 shutDownTunnelblick: started.

2019-09-13 19:50:46.050598 shutDownTunnelblick: Starting cleanup.

2019-09-13 19:50:46.050805 cleanup: Entering cleanup

2019-09-13 19:50:46.051007 cleanup aborted because Tunnelblick did not finish launching

2019-09-13 19:50:46.051145 shutDownTunnelblick: Cleanup finished.

2019-09-13 19:50:46.051313 Finished shutting down Tunnelblick; allowing termination

================================================================================

Console Log:

2019-09-13 19:37:55.414199 Tunnelblick[15266] The OpenVPN log contains the following message:

"Unrecognized option or missing or extra parameter(s)".

This error means that an option that is contained in the OpenVPN configuration file or was "pushed" by the OpenVPN server:

• has been misspelled,

• has missing or extra arguments, or

• is not implemented by the version of OpenVPN which is being used for this configuration. It may be a new option that is not implemented in an old version of OpenVPN, or an old option that has been removed in a new version of OpenVPN. You can choose what version of OpenVPN to use with this configuration in the "Settings" tab of the "Configurations" panel of Tunnelblick's "VPN Details" window.

See the VPN log in the "Log" tab of the "Configurations" panel of Tunnelblick's "VPN Details" window for details.

2019-09-13 19:40:15.262743 Tunnelblick[15266] Set 'expect disconnect 1 -SLibrary-SApplication Support-STunnelblick-SUsers-Sdavidlin-Sfw01--TCP4--443--david_MBP_2019_08_01--config-Dtblk-SContents-SResources'

2019-09-13 19:50:15.513874 Tunnelblick[45568] Tunnelblick: macOS XXX.14.6; Tunnelblick 3.8.2beta01 (build 5410)

2019-09-13 19:50:15.938290 Tunnelblick[45568] Tunnelblick cannot run when it is on /Volumes because the volume has the MNT_NOSUID statfs flag set.

2019-09-13 19:50:43.823146 Tunnelblick[15266] SIGTERM (signal 15) received

2019-09-13 19:50:43.825824 Tunnelblick[15266] cleanup: Entering cleanup

2019-09-13 19:50:43.826054 Tunnelblick[15266] synchronized user defaults

2019-09-13 19:50:44.273142 Tunnelblick[15266] Set 'expect disconnect 0 ALL'

2019-09-13 19:50:44.634432 Tunnelblick[15266] Finished shutting down Tunnelblick; allowing termination

2019-09-13 19:50:44.942813 Tunnelblick[45568] Tunnelblick needs to:

• Be installed in /Applications as Tunnelblick

• Change ownership and permissions of the program to secure it

• Secure configurations

2019-09-13 19:50:44.942875 Tunnelblick[45568] Beginning installation or repair

2019-09-13 19:50:45.79XXX10 Tunnelblick[45568] Installation or repair succeeded; Log:

Tunnelblick installer started 2019-09-13 19:50:44.994843. 1 arguments: 0x0017

getuid() = 501; getgid() = 20; geteuid() = 0; getegid() = 20

Moved /Applications/Tunnelblick.app to the Trash

Copied /Volumes/Tunnelblick/Tunnelblick.app to /Applications/Tunnelblick.app

Removed any 'com.apple.quarantine' extended attributes

Changed ownership of /Applications/Tunnelblick.app and its contents from 501:80 to 0:0

Need to replace and/or reload 'tunnelblickd':

daemonHashesMatch = NO

plistHashesMatch = YES

activePlistMatches = YES

Replaced /Library/LaunchDaemons/net.tunnelblick.tunnelblick.tunnelblickd.plist

Used launchctl to load tunnelblickd

Tunnelblick installer finished without error

2019-09-13 19:50:46.015167 Tunnelblick[45592] Tunnelblick: macOS XXX.14.6; Tunnelblick 3.8.2beta01 (build 5410)

2019-09-13 19:50:46.050760 Tunnelblick[45568] cleanup: Entering cleanup

2019-09-13 19:50:46.050971 Tunnelblick[45568] cleanup aborted because Tunnelblick did not finish launching

2019-09-13 19:50:46.051279 Tunnelblick[45568] Finished shutting down Tunnelblick; allowing termination

2019-09-13 19:50:59.330808 Tunnelblick[45592] Sparkle: ===== Tunnelblick.app =====

2019-09-13 19:50:59.331116 Tunnelblick[45592] Sparkle: Verified appcast signature

2019-09-13 19:51:58.380619 Tunnelblick[45592] Converting/Installing /Users/davidlin/Downloads/fw01-TCP4-443-david_MBP_2019_08_01-config.ovpn: One or more CR characters have been removed or replaced with LF characters

2019-09-13 19:51:58.384271 Tunnelblick[45592] Converting/Installing /Users/davidlin/Downloads/fw01-TCP4-443-david_MBP_2019_08_01-config.ovpn: One or more CR characters have been removed or replaced with LF characters

2019-09-13 19:51:58.386285 Tunnelblick[45592] Converting/Installing /Users/davidlin/Downloads/fw01-TCP4-443-david_MBP_2019_08_01-config.ovpn: Converted OpenVPN configuration

2019-09-13 19:52:03.591704 Tunnelblick[45592] Tunnelblick needs to perform an action that requires a computer administrator's authorization.

2019-09-13 19:52:03.591776 Tunnelblick[45592] Beginning installation or repair

2019-09-13 19:52:03.682323 Tunnelblick[45592] Installation or repair succeeded; Log:

Tunnelblick installer started 2019-09-13 19:52:03.643033. 3 arguments: 0x0001

/Users/davidlin/Library/Application Support/Tunnelblick/Configurations/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk

/private/var/folders/sp/skb_2_313pvbwc72brfgzdk40000gn/T/Tunnelblick-8beYYZ/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk

getuid() = 501; getgid() = 20; geteuid() = 0; getegid() = 20

Copied /private/var/folders/sp/skb_2_313pvbwc72brfgzdk40000gn/T/Tunnelblick-8beYYZ/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk

to /Users/davidlin/Library/Application Support/Tunnelblick/Configurations/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk.temp

Renamed /Users/davidlin/Library/Application Support/Tunnelblick/Configurations/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk.temp

to /Users/davidlin/Library/Application Support/Tunnelblick/Configurations/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk

Changed ownership of /Users/davidlin/Library/Application Support/Tunnelblick/Configurations/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk and its contents from 501:20 to 501:80

Deleted /Library/Application Support/Tunnelblick/Users/davidlin/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk

Copied /Users/davidlin/Library/Application Support/Tunnelblick/Configurations/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk

to /Library/Application Support/Tunnelblick/Users/davidlin/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk.temp

Renamed /Library/Application Support/Tunnelblick/Users/davidlin/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk.temp

to /Library/Application Support/Tunnelblick/Users/davidlin/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk

Changed ownership of /Library/Application Support/Tunnelblick/Users/davidlin/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk and its contents from 501:80 to 0:0

Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/davidlin/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk

Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/davidlin/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk/Contents

Changed permissions from 750 to 755 on /Library/Application Support/Tunnelblick/Users/davidlin/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk/Contents/Resources

Changed permissions from 740 to 700 on /Library/Application Support/Tunnelblick/Users/davidlin/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk/Contents/Resources/config.ovpn

Updated secure (shadow) copy of fw01-TCP4-443-david_MBP_2019_08_01-config.tblk

Tunnelblick installer finished without error

2019-09-13 19:53:03.860878 Tunnelblick[45592] currentIPInfo(Name): IP address info could not be fetched within 38.4 seconds; the error was 'Error Domain=NSURLErrorDomain Code=-1001 "The request timed out." UserInfo={NSUnderlyingError=0x6000037cc150 {Error Domain=kCFErrorDomainCFNetwork Code=-1001 "The request timed out." UserInfo={NSErrorFailingURLStringKey=https://tunnelblick.net/ipinfo, NSErrorFailingURLKey=https://tunnelblick.net/ipinfo, _kCFStreamErrorCodeKey=-2102, _kCFStreamErrorDomainKey=4, NSLocalizedDescription=The request timed out.}}, NSErrorFailingURLStringKey=https://tunnelblick.net/ipinfo, NSErrorFailingURLKey=https://tunnelblick.net/ipinfo, _kCFStreamErrorDomainKey=4, _kCFStreamErrorCodeKey=-2102, NSLocalizedDescription=The request timed out.}'; the response was '(null)'

2019-09-13 19:53:42.013740 Tunnelblick[45592] currentIPInfo(Address): IP address info could not be fetched within 38.2 seconds; the error was 'Error Domain=NSURLErrorDomain Code=-1001 "The request timed out." UserInfo={NSUnderlyingError=0x600003724150 {Error Domain=kCFErrorDomainCFNetwork Code=-1001 "The request timed out." UserInfo={NSErrorFailingURLStringKey=https://205.233.73.116/ipinfo, NSErrorFailingURLKey=https://205.233.73.116/ipinfo, _kCFStreamErrorCodeKey=-2102, _kCFStreamErrorDomainKey=4, NSLocalizedDescription=The request timed out.}}, NSErrorFailingURLStringKey=https://205.233.73.116/ipinfo, NSErrorFailingURLKey=https://205.233.73.116/ipinfo, _kCFStreamErrorDomainKey=4, _kCFStreamErrorCodeKey=-2102, NSLocalizedDescription=The request timed out.}'; the response was '(null)'

2019-09-13 19:53:42.014040 Tunnelblick[45592] An error occured fetching IP address information after connecting

2019-09-13 19:54:08.627959 Tunnelblick[45592] The OpenVPN log contains the following message:

"Unrecognized option or missing or extra parameter(s)".

This error means that an option that is contained in the OpenVPN configuration file or was "pushed" by the OpenVPN server:

• has been misspelled,

• has missing or extra arguments, or

• is not implemented by the version of OpenVPN which is being used for this configuration. It may be a new option that is not implemented in an old version of OpenVPN, or an old option that has been removed in a new version of OpenVPN. You can choose what version of OpenVPN to use with this configuration in the "Settings" tab of the "Configurations" panel of Tunnelblick's "VPN Details" window.

See the VPN log in the "Log" tab of the "Configurations" panel of Tunnelblick's "VPN Details" window for details.

2019-09-13 19:55:05.445740 Tunnelblick[45592] Converting/Installing /Users/davidlin/Downloads/fw01-TCP4-443-david_MBP_2019_08_01-config.ovpn: One or more CR characters have been removed or replaced with LF characters

2019-09-13 19:55:05.449316 Tunnelblick[45592] Converting/Installing /Users/davidlin/Downloads/fw01-TCP4-443-david_MBP_2019_08_01-config.ovpn: One or more CR characters have been removed or replaced with LF characters

2019-09-13 19:55:05.451016 Tunnelblick[45592] Converting/Installing /Users/davidlin/Downloads/fw01-TCP4-443-david_MBP_2019_08_01-config.ovpn: Converted OpenVPN configuration

2019-09-13 19:55:05.908581 Tunnelblick[45592] currentIPInfo(Name): IP address info could not be fetched within 38.7 seconds; the error was 'Error Domain=NSURLErrorDomain Code=-1001 "The request timed out." UserInfo={NSUnderlyingError=0x600003599e60 {Error Domain=kCFErrorDomainCFNetwork Code=-1001 "The request timed out." UserInfo={NSErrorFailingURLStringKey=https://tunnelblick.net/ipinfo, NSErrorFailingURLKey=https://tunnelblick.net/ipinfo, _kCFStreamErrorCodeKey=-2102, _kCFStreamErrorDomainKey=4, NSLocalizedDescription=The request timed out.}}, NSErrorFailingURLStringKey=https://tunnelblick.net/ipinfo, NSErrorFailingURLKey=https://tunnelblick.net/ipinfo, _kCFStreamErrorDomainKey=4, _kCFStreamErrorCodeKey=-2102, NSLocalizedDescription=The request timed out.}'; the response was '(null)'

2019-09-13 19:55:44.435801 Tunnelblick[45592] currentIPInfo(Address): IP address info could not be fetched within 38.5 seconds; the error was 'Error Domain=NSURLErrorDomain Code=-1001 "The request timed out." UserInfo={NSUnderlyingError=0x6000037f2670 {Error Domain=kCFErrorDomainCFNetwork Code=-1001 "The request timed out." UserInfo={NSErrorFailingURLStringKey=https://205.233.73.116/ipinfo, NSErrorFailingURLKey=https://205.233.73.116/ipinfo, _kCFStreamErrorCodeKey=-2102, _kCFStreamErrorDomainKey=4, NSLocalizedDescription=The request timed out.}}, NSErrorFailingURLStringKey=https://205.233.73.116/ipinfo, NSErrorFailingURLKey=https://205.233.73.116/ipinfo, _kCFStreamErrorDomainKey=4, _kCFStreamErrorCodeKey=-2102, NSLocalizedDescription=The request timed out.}'; the response was '(null)'

2019-09-13 19:55:44.436343 Tunnelblick[45592] An error occured fetching IP address information after connecting

2019-09-13 19:56:32.465374 Tunnelblick[45592] Set 'expect disconnect 1 -SLibrary-SApplication Support-STunnelblick-SUsers-Sdavidlin-Sfw01--TCP4--443--david_MBP_2019_08_01--config-Dtblk-SContents-SResources'

2019-09-13 19:57:41.192853 Tunnelblick[45592] Converting/Installing /Users/davidlin/Downloads/fw01-TCP4-443-david_MBP_2019_08_01-config.ovpn: One or more CR characters have been removed or replaced with LF characters

2019-09-13 19:57:41.196223 Tunnelblick[45592] Converting/Installing /Users/davidlin/Downloads/fw01-TCP4-443-david_MBP_2019_08_01-config.ovpn: One or more CR characters have been removed or replaced with LF characters

2019-09-13 19:57:41.198274 Tunnelblick[45592] Converting/Installing /Users/davidlin/Downloads/fw01-TCP4-443-david_MBP_2019_08_01-config.ovpn: Converted OpenVPN configuration

2019-09-13 19:57:45.XXX5742 Tunnelblick[45592] Tunnelblick needs to perform an action that requires a computer administrator's authorization.

2019-09-13 19:57:45.XXX5805 Tunnelblick[45592] Beginning installation or repair

2019-09-13 19:57:45.786170 Tunnelblick[45592] Installation or repair succeeded; Log:

Tunnelblick installer started 2019-09-13 19:57:45.744596. 3 arguments: 0x0001

/Users/davidlin/Library/Application Support/Tunnelblick/Configurations/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk

/private/var/folders/sp/skb_2_313pvbwc72brfgzdk40000gn/T/Tunnelblick-JkPeYT/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk

getuid() = 501; getgid() = 20; geteuid() = 0; getegid() = 20

Copied /private/var/folders/sp/skb_2_313pvbwc72brfgzdk40000gn/T/Tunnelblick-JkPeYT/fw01-TCP4-443-david_MBP_2019_08_01-config.tblk