UP/DOWN Script

[John Griffis]

How and where do you put UP/DOWN scripts for tunnelblick, I am used to BATCH files on windows machines using OpenVPN, but am not 100% sure how to achieve this on a Mac using Tunnelblick. The script is just a standard mount volume after up. Can anyone help me with this?

[jkbull...gmail.com]

See Using Scripts. It explains the types of scripts that can be used (up/down, and additional Tunnelblick scripts).

There is one thing to watch out for -- if you use any of Tunnelblick's "Set nameserver" settings (other than "Do not set nameserver"), then any "up" or "down" script in the configuration file will be ignored.

At a guess, I think you should create a "connect.sh" script with the mount command, and put it, along with the configuration file and certificates and keys, into a Tunnelblick VPN Configuration. That way it will be run after the connection has completed and OpenVPN had done post-up-script processing (if any).

There is a restriction you should keep in mind, too: a "connect.sh" script will not run if the configuration is set to connect "when the computer starts" (because Tunnelblick runs the "connect.sh" script, and Tunnelblick is not running at that point).

If you can't live with that restriction, you will have to create your own "up.tunnelblick.sh" and "down.tunnelblick.sh" and put them in the Tunnelblick VPN Configuration, and add "up up.tunnelblick.sh" and "down down.tunnelblick.sh" to your configuration file(s). If you do that, I can't remember if you need to set the 'Set nameserver' setting to "Do not set nameserver" or "Set nameserver", or if it is ignored altogether.

And remember that all scripts run as root, not the user.

[John Griffis]

Thanks for the help. I will do a little more research, if i have an questions im sure ill be back!


Thanks again!

[John Griffis]

Never mind :) found the issue!!!

Correct Code:

su thesr5 -c '
mkdir /Volumes/ExpressOffice
mount_afp afp://SERVER/FOLDER /Volumes/ExpressOffice 
'

open /Volumes/ExpressOffice

[John Griffis]

Hey again :) I got another question, The connected.sh script works great, everything connects as its supposed and i get no errors, but when i disconnect the VPN the post-disconnect.sh script doesnt seem to run at all. All I'm trying to get it to do is "umount /Volumes/ExpressOffice"

[jkbull...gmail.com]

Hmmm. First, double-check the name of the file is (exactly) post-disconnect.sh.

Then, make sure that the script isn't being executed -- insert a line like

echo X > /tmp/post-disconnect-test.txt

and see if the file shows up in /tmp

If it really isn't being launched, it is possible that you've found a bug.

[John Griffis]

Strange it created the file in /tmp, but it did not run "umount /Volume/ExpressOffice"

[jkbull...gmail.com]

So the script is running.

You might want to ask for help in some general OS X forum.

I don't know much about mounting/unmounting on OS X, but you should look for any error messages in the Console log and the Tunnelblick/OpenVPN log.

And you might want to try doing it yourself via Terminal after disconnecting and see if you get an error message.

When you get it working, please post back here to say how -- it will help the next person.

[John Griffis]

Will do, I tested "umount /Volumes/ExpressOffice" in the terminal and it does disconnect the drive without an error but for some reason it does not execute that way from the shell script. Will do some more research.

[jkbull...gmail.com]

Two things I can think of:

Try adding "sleep 10" before the umount. If that works, try smaller numbers. Maybe there is something still connected to the mounted drive that needs time to disconnect.

Maybe it has something to do with running as root? (If anything, I would think that would help, but who knows?)

[John Griffis]

Found it: Here is the simple fix (all i have to say is WOW) bellow are the two files connected.sh and post-disconnect.sh

connected.sh:

su USERNAME -c '
mkdir /Volumes/NAME
mount_afp afp://AFP_USERNAME@server/folder /Volumes/NAME
'

open /Volumes/NAME

post-disconnect.sh:

umount -f /Volumes/NAME

[John Griffis]

Thanks for all your help!

[John Griffis]

I created a zip file for other users with detailed instructions in the connected.sh file of how to configure it correctly.

[jkbull...gmail.com]

Thank you!

I have uploaded your .zip with the scripts and added an entry on the User-Contributed section of the Tunnelblick Downloads page.