Comments (10)
yinanwang1
commented on June 2, 2024
2
这个问题在beta出现出现很多次,所以我一直更新到最新版本,以为是我自己的问题。看来是确实有问题。
Please find the bug and fix it ,thanks.
from tunnelblick.
jkbullard
commented on June 2, 2024
1
Thanks again, @belykhk.
I have a modified "up" script that may fix the problem. Anyone who wants to try it can email [email protected] to get it along with instructions on how to install it (and uninstall it). Please make the subject line of your email "Fix for Issue 789".
from tunnelblick.
jkbullard
commented on June 2, 2024
Thanks for your report.
-
Please reply to this Issue and include the Diagnostic Info obtained by following the instructions at Before You Post About a Problem. Because only one of your configurations is working, it would be helpful to also include the Diagnostic Info for a configuration that does not have the same problem.
-
Note that /etc/resolv.conf is not used by most of macOS:
% cat /etc/resolv.conf
#
# macOS Notice
#
# This file is not consulted for DNS hostname resolution, address
# resolution, or the DNS query routing mechanism used by most
# processes on this system.
#
# To view the DNS configuration used by this system, use:
# scutil --dns
#
# SEE ALSO
# dns-sd(1), scutil(8)
#
# This file is automatically generated.
#
from tunnelblick.
belykhk
commented on June 2, 2024
@jkbullard thank you for quick reply! Here is diagnostic info. Both are additionally sanitized by me.
Broken configuration
git commit 26decd1ea08180e2e30735bb4363b5ad4cf2e944
The Tunnelblick.app process is not being translated (arm64)
System Integrity Protection is enabled
Model: Mac14,2
================================================================================
Configuration [REDACTED]
"Sanitized" condensed configuration file for /Users/[REDACTED]/Library/Application Support/Tunnelblick/Configurations/[REDACTED].tblk:
client
proto udp
explicit-exit-notify
remote [REDACTED] [REDACTED]
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verify-x509-name [REDACTED] name
auth SHA256
auth-nocache
cipher AES-128-GCM
tls-client
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
ignore-unknown-option block-outside-dns
pull-filter ignore redirect-gateway
verb 3
tun-mtu 1400
mssfix 1360
<ca>
[Security-related line(s) omitted]
</ca>
<cert>
[Security-related line(s) omitted]
</cert>
<key>
[Security-related line(s) omitted]
</key>
<tls-crypt>
[Security-related line(s) omitted]
</tls-crypt>
================================================================================
Files in [REDACTED].tblk:
Contents/Resources/config.ovpn
================================================================================
Configuration preferences:
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
-lastConnectionSucceeded = 1
================================================================================
Wildcard preferences:
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
================================================================================
Program preferences:
launchAtNextLogin = 1
tunnelblickVersionHistory = (
"4.0.0 (build 5970)",
"3.8.8g (build 5779.3)",
"3.8.8f (build 5779.2)",
"3.8.8e (build 5779.1)",
"3.8.8d (build 5779)",
"3.8.8c (build 5778)",
"3.8.8b (build 5777)",
"3.8.8a (build 5776)",
"3.8.7a (build 5770)"
)
lastLaunchTime = 731704648.608894
lastLanguageAtLaunchWasRTL = 0
connectionWindowDisplayCriteria = neverShow
maxLogDisplaySize = 102400
lastConnectedDisplayName = [REDACTED]
keyboardShortcutIndex = 1
updateCheckAutomatically = 1
NSWindow Frame SettingsSheetWindow = 556 196 829 548 0 0 1920 1055
NSWindow Frame ConnectingWindow = -930 575 389 217 -1470 49 1470 919
NSWindow Frame SUStatusFrame = 760 690 400 135 0 0 1920 1055
NSWindow Frame SUUpdateAlert = 650 492 620 398 0 0 1920 1055
detailsWindowFrameVersion = 5970
detailsWindowFrame = {{-1303, 117}, {982, 775}}
detailsWindowLeftFrame = {{0, 0}, {179, 655}}
detailsWindowViewIndex = 0
detailsWindowConfigurationsTabIdentifier = log
leftNavOutlineViewExpandedDisplayNames = (
)
leftNavSelectedDisplayName = [REDACTED]
AdvancedWindowTabIdentifier = connectingAndDisconnecting
haveDealtWithOldTunTapPreferences = 1
haveDealtWithAlwaysShowLoginWindow = 1
haveDealtWithOldLoginItem = 1
haveDealtWithAfterDisconnect = 1
SUEnableAutomaticChecks = 1
SUScheduledCheckInterval = 86400
SULastCheckTime = 2024-03-09 19:17:29 +0000
SUHasLaunchedBefore = 1
================================================================================
Forced preferences:
(None)
================================================================================
Deployed forced preferences:
(None)
================================================================================
Tunnelblick Kext Policy Data:
net.tunnelblick.tun|Z2SG5H3HC8|Jonathan Bullard|1|5
net.tunnelblick.tap|Z2SG5H3HC8|Jonathan Bullard|1|5
================================================================================
Tunnelblick Log:
2024-03-09 23:17:35.527547 *Tunnelblick: macOS 14.3.1 (23D60); Tunnelblick 4.0.0 (build 5970); prior version 3.8.8g (build 5779.3)
2024-03-09 23:17:35.824205 *Tunnelblick: Attempting connection with [REDACTED] using shadow copy; Set nameserver = 0x00000301; monitoring connection
2024-03-09 23:17:35.825555 *Tunnelblick: openvpnstart start [REDACTED].tblk 65072 0x00000301 0 1 0 0x0210c130 -ptADGNWradsgnw 2.6.9-openssl-3.0.13 <password>
2024-03-09 23:17:35.849835 *Tunnelblick: openvpnstart starting OpenVPN
2024-03-09 23:17:36.110904 OpenVPN 2.6.9 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD]
2024-03-09 23:17:36.110945 library versions: OpenSSL 3.0.13 30 Jan 2024, LZO 2.10
2024-03-09 23:17:36.111379 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:65072
2024-03-09 23:17:36.111387 Need hold release from management interface, waiting...
2024-03-09 23:17:36.450866 *Tunnelblick: openvpnstart log:
OpenVPN started successfully.
Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.6.9-openssl-3.0.13/openvpn
--daemon
--log-append /Library/Application Support/Tunnelblick/Logs/-SUsers-S[REDACTED]-SLibrary-SApplication Support-STunnelblick-SConfigurations-S[REDACTED].tblk-SContents-SResources-Sconfig.ovpn.769_0_1_0_34652464.65072.openvpn.log
--cd /Library/Application Support/Tunnelblick/Users/[REDACTED]/[REDACTED].tblk/Contents/Resources
--machine-readable-output
--setenv IV_GUI_VER "net.tunnelblick.tunnelblick 5970 4.0.0 (build 5970)"
--verb 3
--config /Library/Application Support/Tunnelblick/Users/[REDACTED]/[REDACTED].tblk/Contents/Resources/config.ovpn
--setenv TUNNELBLICK_CONFIG_FOLDER /Library/Application Support/Tunnelblick/Users/[REDACTED]/[REDACTED].tblk/Contents/Resources
--verb 3
--cd /Library/Application Support/Tunnelblick/Users/[REDACTED]/[REDACTED].tblk/Contents/Resources
--management 127.0.0.1 65072 /Library/Application Support/Tunnelblick/Mips/[REDACTED].tblk.mip
--setenv IV_SSO webauth
--management-query-passwords
--management-hold
--script-security 2
--route-up /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
--down /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
2024-03-09 23:17:36.460430 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:61824
2024-03-09 23:17:36.486808 MANAGEMENT: CMD 'pid'
2024-03-09 23:17:36.486857 MANAGEMENT: CMD 'auth-retry interact'
2024-03-09 23:17:36.486885 MANAGEMENT: CMD 'state on'
2024-03-09 23:17:36.486905 MANAGEMENT: CMD 'state'
2024-03-09 23:17:36.486938 MANAGEMENT: CMD 'bytecount 1'
2024-03-09 23:17:36.487424 *Tunnelblick: Established communication with OpenVPN
2024-03-09 23:17:36.497063 *Tunnelblick: >INFO:OpenVPN Management Interface Version 5 -- type 'help' for more info
2024-03-09 23:17:36.497500 MANAGEMENT: CMD 'hold release'
2024-03-09 23:17:36.497590 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2024-03-09 23:17:36.513257 TCP/UDP: Preserving recently used remote address: [AF_INET][REDACTED]:[REDACTED]
2024-03-09 23:17:36.513331 Socket Buffers: R=[786896->786896] S=[9216->9216]
2024-03-09 23:17:36.513352 UDPv4 link local: (not bound)
2024-03-09 23:17:36.513365 UDPv4 link remote: [AF_INET][REDACTED]:[REDACTED]
2024-03-09 23:17:36.513395 MANAGEMENT: >STATE:1710011856,WAIT,,,,,,
2024-03-09 23:17:36.578286 MANAGEMENT: >STATE:1710011856,AUTH,,,,,,
2024-03-09 23:17:36.578379 TLS: Initial packet from [AF_INET][REDACTED]:[REDACTED], sid=c7c8ecd1 89d90986
2024-03-09 23:17:36.715604 VERIFY OK: depth=1, CN=[REDACTED]
2024-03-09 23:17:36.717481 VERIFY KU OK
2024-03-09 23:17:36.717543 Validating certificate extended key usage
2024-03-09 23:17:36.717565 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2024-03-09 23:17:36.717580 VERIFY EKU OK
2024-03-09 23:17:36.717599 VERIFY X509NAME OK: CN=[REDACTED]
2024-03-09 23:17:36.717613 VERIFY OK: depth=0, CN=[REDACTED]
2024-03-09 23:17:36.788589 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 256 bits ECprime256v1, signature: ecdsa-with-SHA256, peer temporary key: 256 bits ECprime256v1
2024-03-09 23:17:36.788740 [[REDACTED]] Peer Connection Initiated with [AF_INET][REDACTED]:[REDACTED]
2024-03-09 23:17:36.788823 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2024-03-09 23:17:36.789023 TLS: tls_multi_process: initial untrusted session promoted to trusted
2024-03-09 23:17:36.852819 PUSH: Received control message: 'PUSH_REPLY,route [REDACTED] 255.255.255.0,route [REDACTED] 255.255.255.0,route [REDACTED] 255.255.255.0,route-gateway [REDACTED],topology subnet,ping 10,ping-restart 900,ifconfig 10.11.0.20 255.255.255.0,peer-id 2,cipher AES-128-GCM'
2024-03-09 23:17:36.853042 OPTIONS IMPORT: --ifconfig/up options modified
2024-03-09 23:17:36.853091 OPTIONS IMPORT: route options modified
2024-03-09 23:17:36.853117 OPTIONS IMPORT: route-related options modified
2024-03-09 23:17:36.854053 Opened utun device utun4
2024-03-09 23:17:36.854109 MANAGEMENT: >STATE:1710011856,ASSIGN_IP,,10.11.0.20,,,,
2024-03-09 23:17:36.854159 /sbin/ifconfig utun4 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2024-03-09 23:17:36.869676 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2024-03-09 23:17:36.869715 /sbin/ifconfig utun4 10.11.0.20 10.11.0.20 netmask 255.255.255.0 mtu 1400 up
2024-03-09 23:17:36.880760 /sbin/route add -net 10.11.0.0 10.11.0.20 255.255.255.0
add net 10.11.0.0: gateway 10.11.0.20
2024-03-09 23:17:36.890848 MANAGEMENT: >STATE:1710011856,ADD_ROUTES,,,,,,
2024-03-09 23:17:36.890910 /sbin/route add -net [REDACTED] [REDACTED] 255.255.255.0
add net [REDACTED]: gateway [REDACTED]
2024-03-09 23:17:36.895023 /sbin/route add -net [REDACTED] [REDACTED] 255.255.255.0
add net [REDACTED]: gateway [REDACTED]
2024-03-09 23:17:36.898214 /sbin/route add -net [REDACTED] [REDACTED] 255.255.255.0
add net [REDACTED]: gateway [REDACTED]
23:17:36 *Tunnelblick: **********************************************
23:17:36 *Tunnelblick: Start of output from client.up.tunnelblick.sh
23:17:39 *Tunnelblick: Disabled IPv6 for 'iPhone USB'
23:17:39 *Tunnelblick: Disabled IPv6 for 'Outline'
23:17:39 *Tunnelblick: Disabled IPv6 for 'Home'
23:17:39 *Tunnelblick: DNS servers '192.168.88.1' will be used for DNS queries when the VPN is active
23:17:39 *Tunnelblick: NOTE: The DNS servers do not include any free public DNS servers known to Tunnelblick. This may cause DNS queries to fail or be intercepted or falsified even if they are directed through the VPN. Specify only known public DNS servers or DNS servers located on the VPN network to avoid such problems.
23:17:39 *Tunnelblick: Will not monitor for network configuration changes.
23:17:39 *Tunnelblick: Flushed the DNS cache via dscacheutil
23:17:39 *Tunnelblick: /usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
23:17:39 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushed
23:17:39 *Tunnelblick: Not notifying mDNSResponderHelper that the DNS cache was flushed because it is not running
23:17:39 *Tunnelblick: End of output from client.up.tunnelblick.sh
23:17:39 *Tunnelblick: **********************************************
2024-03-09 23:17:39.374598 Initialization Sequence Completed
2024-03-09 23:17:39.374612 MANAGEMENT: >STATE:1710011859,CONNECTED,SUCCESS,10.11.0.20,[REDACTED],[REDACTED],,
2024-03-09 23:17:39.374618 Data Channel: cipher 'AES-128-GCM', peer-id: 2
2024-03-09 23:17:39.374621 Timers: ping 10, ping-restart 900
2024-03-09 23:17:39.374623 Protocol options: explicit-exit-notify 1
2024-03-09 23:17:40.489585 *Tunnelblick: Warning: DNS server address is not being used.
2024-03-09 23:17:40.495558 *Tunnelblick: Warning: DNS server address 192.168.88.1 is being used but should not be used. That may indicate that more than one network interface is active. Tunnelblick does not support multiple active network interfaces.
2024-03-09 23:18:00.653571 *Tunnelblick: Disconnecting; VPN Details… window disconnect button pressed
2024-03-09 23:18:00.812320 *Tunnelblick: Disconnecting using 'kill'
2024-03-09 23:18:00.975711 event_wait : Interrupted system call (fd=-1,code=4)
2024-03-09 23:18:00.975743 SIGTERM received, sending exit notification to peer
2024-03-09 23:18:02.129943 /sbin/route delete -net [REDACTED] [REDACTED] 255.255.255.0
delete net [REDACTED]: gateway [REDACTED]
2024-03-09 23:18:02.138236 /sbin/route delete -net [REDACTED] [REDACTED] 255.255.255.0
delete net [REDACTED]: gateway [REDACTED]
2024-03-09 23:18:02.143911 /sbin/route delete -net [REDACTED] [REDACTED] 255.255.255.0
delete net [REDACTED]: gateway [REDACTED]
2024-03-09 23:18:02.148370 Closing TUN/TAP interface
2024-03-09 23:18:02.149045 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw utun4 1400 0 10.11.0.20 255.255.255.0 init
23:18:02 *Tunnelblick: **********************************************
23:18:02 *Tunnelblick: Start of output from client.down.tunnelblick.sh
Unload failed: 5: Input/output error
Try running `launchctl bootout` as root for richer errors.
23:18:02 *Tunnelblick: Cancelled monitoring system configuration changes
No such key
23:18:02 *Tunnelblick: Restored State:DNS
No such key
23:18:02 *Tunnelblick: Restored Setup:DNS
23:18:02 *Tunnelblick: Restored DNS and SMB settings
23:18:02 *Tunnelblick: Re-enabled IPv6 (automatic) for "iPhone USB"
23:18:02 *Tunnelblick: Re-enabled IPv6 (automatic) for "Outline"
23:18:02 *Tunnelblick: Re-enabled IPv6 (automatic) for "Home"
23:18:02 *Tunnelblick: Flushed the DNS cache with dscacheutil -flushcache
23:18:02 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushed
No such key
No such key
No such key
No such key
No such key
23:18:02 *Tunnelblick: End of output from client.down.tunnelblick.sh
23:18:02 *Tunnelblick: **********************************************
2024-03-09 23:18:02.450459 SIGTERM[hard,exit-with-notification] received, process exiting
2024-03-09 23:18:02.450469 MANAGEMENT: >STATE:1710011882,EXITING,exit-with-notification,,,,,
2024-03-09 23:18:02.918855 *Tunnelblick: Expected disconnection occurred.
================================================================================
Installer log:
Tunnelblick installer started 2024-03-09 15:54:27.111115; getuid() = 501; geteuid() = 0; getgid() = 20; getegid() = 20
currentDirectoryPath = '/'; 1 arguments:
0x0101
Determined username '[REDACTED]' from getuid(): 501
renamex_np() tests succeeded for /Applications
renamex_np() tests succeeded for /Library/Application Support/Tunnelblick
renamex_np() tests succeeded for /Users/[REDACTED]/Library/Application Support/Tunnelblick/Configurations
Replaced /Library/LaunchDaemons/net.tunnelblick.tunnelblick.tunnelblickd.plist
Used launchctl to load tunnelblickd
Kext is up-to-date: tunnelblick-tun.kext
Kext is up-to-date: tunnelblick-tap.kext
Tunnelblick installer succeeded
================================================================================
Down log:
23:18:02 *Tunnelblick: **********************************************
23:18:02 *Tunnelblick: Start of output from client.down.tunnelblick.sh
23:18:02 *Tunnelblick: Cancelled monitoring system configuration changes
23:18:02 *Tunnelblick: Restored State:DNS
23:18:02 *Tunnelblick: Restored Setup:DNS
23:18:02 *Tunnelblick: Restored State:SMB
23:18:02 *Tunnelblick: Restored DNS and SMB settings
23:18:02 *Tunnelblick: Re-enabled IPv6 (automatic) for "iPhone USB"
23:18:02 *Tunnelblick: Re-enabled IPv6 (automatic) for "Outline"
23:18:02 *Tunnelblick: Re-enabled IPv6 (automatic) for "Home"
23:18:02 *Tunnelblick: Flushed the DNS cache with dscacheutil -flushcache
23:18:02 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushed
23:18:02 *Tunnelblick: End of output from client.down.tunnelblick.sh
23:18:02 *Tunnelblick: **********************************************
================================================================================
Previous down log:
23:16:31 *Tunnelblick: **********************************************
23:16:31 *Tunnelblick: Start of output from client.down.tunnelblick.sh
23:16:31 *Tunnelblick: Cancelled monitoring system configuration changes
23:16:31 *Tunnelblick: Restored State:DNS
23:16:31 *Tunnelblick: Restored Setup:DNS
23:16:31 *Tunnelblick: Restored State:SMB
23:16:31 *Tunnelblick: Restored DNS and SMB settings
23:16:31 *Tunnelblick: Re-enabled IPv6 (automatic) for "iPhone USB"
23:16:31 *Tunnelblick: Re-enabled IPv6 (automatic) for "Outline"
23:16:31 *Tunnelblick: Re-enabled IPv6 (automatic) for "Home"
23:16:31 *Tunnelblick: Flushed the DNS cache with dscacheutil -flushcache
23:16:31 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushed
23:16:31 *Tunnelblick: End of output from client.down.tunnelblick.sh
23:16:31 *Tunnelblick: **********************************************
================================================================================
Network services:
An asterisk (*) denotes that a network service is disabled.
AX88179A
Wi-Fi
Thunderbolt Bridge
iPhone USB
Hetzner
[REDACTED]
Outline
Home
[REDACTED]
Wi-Fi Power (en0): On
================================================================================
ifconfig output:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
nd6 options=201<PERFORMNUD,DAD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
anpi0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether 8e:c3:ea:75:11:2e
media: none
status: inactive
anpi1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether 8e:c3:ea:75:11:2f
media: none
status: inactive
en3: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether 8e:c3:ea:75:11:0e
nd6 options=201<PERFORMNUD,DAD>
media: none
status: inactive
en5: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=404<VLAN_MTU,CHANNEL_IO>
ether f8:e4:3b:8d:75:47
inet 192.168.88.15 netmask 0xffffff00 broadcast 192.168.88.255
media: autoselect (1000baseT <full-duplex>)
status: active
en4: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether 8e:c3:ea:75:11:0f
nd6 options=201<PERFORMNUD,DAD>
media: none
status: inactive
en1: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=460<TSO4,TSO6,CHANNEL_IO>
ether 36:99:c1:d6:4f:c0
media: autoselect <full-duplex>
status: inactive
en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=460<TSO4,TSO6,CHANNEL_IO>
ether 36:99:c1:d6:4f:c4
media: autoselect <full-duplex>
status: inactive
bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=63<RXCSUM,TXCSUM,TSO4,TSO6>
ether 36:99:c1:d6:4f:c0
Configuration:
id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
ipfilter disabled flags 0x0
member: en1 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 9 priority 0 path cost 0
member: en2 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 10 priority 0 path cost 0
media: <unknown type>
status: inactive
ap1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=6460<TSO4,TSO6,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
ether 3e:57:dc:2a:ec:cb
inet6 fe80::3c57:dcff:fe2a:eccb%ap1 prefixlen 64 scopeid 0xc
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=6460<TSO4,TSO6,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
ether 1c:57:dc:2a:ec:cb
inet 192.168.88.14 netmask 0xffffff00 broadcast 192.168.88.255
media: autoselect
status: active
awdl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=6460<TSO4,TSO6,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
ether ae:48:d7:cb:2b:9b
inet6 fe80::ac48:d7ff:fecb:2b9b%awdl0 prefixlen 64 scopeid 0xe
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
llw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether ae:48:d7:cb:2b:9b
inet6 fe80::ac48:d7ff:fecb:2b9b%llw0 prefixlen 64 scopeid 0xf
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: inactive
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
inet6 fe80::8409:936b:aa70:9c56%utun0 prefixlen 64 scopeid 0x10
nd6 options=201<PERFORMNUD,DAD>
utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
inet6 fe80::9d44:4cb2:3ff:8b2a%utun1 prefixlen 64 scopeid 0x11
nd6 options=201<PERFORMNUD,DAD>
utun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1000
inet6 fe80::ce81:b1c:bd2c:69e%utun2 prefixlen 64 scopeid 0x12
nd6 options=201<PERFORMNUD,DAD>
utun3: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
inet6 fe80::cc54:9a3b:9344:a1f0%utun3 prefixlen 64 scopeid 0x13
nd6 options=201<PERFORMNUD,DAD>
================================================================================
Non-Apple kexts that are loaded:
Index Refs Address Size Wired Name (Version) UUID <Linked Against>
================================================================================
Quit Log:
2024-03-09 23:17:05.653424 applicationShouldTerminate: termination because of Quit; delayed until 'shutdownTunnelblick' finishes)
2024-03-09 23:17:05.657932 shutDownTunnelblick: started.
2024-03-09 23:17:05.659170 shutDownTunnelblick: Starting cleanup.
2024-03-09 23:17:05.659793 cleanup: Entering cleanup
2024-03-09 23:17:05.671146 synchronized user defaults
2024-03-09 23:17:06.576974 shutDownTunnelblick: Cleanup finished.
2024-03-09 23:17:06.578654 Finished shutting down Tunnelblick; allowing termination
================================================================================
Traces Log:
================================================================================
Console Log:
Working configuration
*Tunnelblick: macOS 14.3.1 (23D60); Tunnelblick 4.0.0 (build 5970); prior version 3.8.8g (build 5779.3); Admin user
git commit 26decd1ea08180e2e30735bb4363b5ad4cf2e944
The Tunnelblick.app process is not being translated (arm64)
System Integrity Protection is enabled
Model: Mac14,2
================================================================================
Configuration [REDACTED]
"Sanitized" condensed configuration file for /Users/[REDACTED]/Library/Application Support/Tunnelblick/Configurations/[REDACTED].tblk:
client
proto udp
explicit-exit-notify
remote [REDACTED] [REDACTED]
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verify-x509-name [REDACTED] name
auth SHA256
auth-nocache
cipher AES-128-GCM
tls-client
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
ignore-unknown-option block-outside-dns
setenv opt block-outside-dns # Prevent Windows 10 DNS leak
verb 3
<ca>
[Security-related line(s) omitted]
</ca>
<cert>
[Security-related line(s) omitted]
</cert>
<key>
[Security-related line(s) omitted]
</key>
<tls-crypt>
[Security-related line(s) omitted]
</tls-crypt>
================================================================================
Files in [REDACTED].tblk:
Contents/Resources/config.ovpn
================================================================================
Configuration preferences:
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
-lastConnectionSucceeded = 1
================================================================================
Wildcard preferences:
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
================================================================================
Program preferences:
launchAtNextLogin = 1
tunnelblickVersionHistory = (
"4.0.0 (build 5970)",
"3.8.8g (build 5779.3)",
"3.8.8f (build 5779.2)",
"3.8.8e (build 5779.1)",
"3.8.8d (build 5779)",
"3.8.8c (build 5778)",
"3.8.8b (build 5777)",
"3.8.8a (build 5776)",
"3.8.7a (build 5770)"
)
lastLaunchTime = 731704648.608894
lastLanguageAtLaunchWasRTL = 0
connectionWindowDisplayCriteria = neverShow
maxLogDisplaySize = 102400
lastConnectedDisplayName = [REDACTED]
keyboardShortcutIndex = 1
updateCheckAutomatically = 1
NSWindow Frame SettingsSheetWindow = 556 196 829 548 0 0 1920 1055
NSWindow Frame ConnectingWindow = -930 575 389 217 -1470 49 1470 919
NSWindow Frame SUStatusFrame = 760 690 400 135 0 0 1920 1055
NSWindow Frame SUUpdateAlert = 650 492 620 398 0 0 1920 1055
detailsWindowFrameVersion = 5970
detailsWindowFrame = {{-1303, 117}, {982, 775}}
detailsWindowLeftFrame = {{0, 0}, {179, 655}}
detailsWindowViewIndex = 0
detailsWindowConfigurationsTabIdentifier = log
leftNavOutlineViewExpandedDisplayNames = (
)
leftNavSelectedDisplayName = [REDACTED]
AdvancedWindowTabIdentifier = connectingAndDisconnecting
haveDealtWithOldTunTapPreferences = 1
haveDealtWithAlwaysShowLoginWindow = 1
haveDealtWithOldLoginItem = 1
haveDealtWithAfterDisconnect = 1
SUEnableAutomaticChecks = 1
SUScheduledCheckInterval = 86400
SULastCheckTime = 2024-03-09 19:17:29 +0000
SUHasLaunchedBefore = 1
================================================================================
Forced preferences:
(None)
================================================================================
Deployed forced preferences:
(None)
================================================================================
Tunnelblick Kext Policy Data:
net.tunnelblick.tun|Z2SG5H3HC8|Jonathan Bullard|1|5
net.tunnelblick.tap|Z2SG5H3HC8|Jonathan Bullard|1|5
================================================================================
Tunnelblick Log:
2024-03-09 23:28:46.641046 *Tunnelblick: macOS 14.3.1 (23D60); Tunnelblick 4.0.0 (build 5970); prior version 3.8.8g (build 5779.3)
2024-03-09 23:28:46.942304 *Tunnelblick: Attempting connection with [REDACTED] using shadow copy; Set nameserver = 0x00000301; monitoring connection
2024-03-09 23:28:46.943041 *Tunnelblick: openvpnstart start [REDACTED].tblk 53608 0x00000301 0 1 0 0x0210c130 -ptADGNWradsgnw 2.6.9-openssl-3.0.13 <password>
2024-03-09 23:28:46.966696 *Tunnelblick: openvpnstart starting OpenVPN
2024-03-09 23:28:47.332857 Unrecognized option or missing or extra parameter(s) in /Library/Application Support/Tunnelblick/Users/[REDACTED]/[REDACTED].tblk/Contents/Resources/config.ovpn:19: block-outside-dns (2.6.9)
2024-03-09 23:28:47.337001 OpenVPN 2.6.9 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD]
2024-03-09 23:28:47.337057 library versions: OpenSSL 3.0.13 30 Jan 2024, LZO 2.10
2024-03-09 23:28:47.339640 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:53608
2024-03-09 23:28:47.339654 Need hold release from management interface, waiting...
2024-03-09 23:28:47.569083 *Tunnelblick: openvpnstart log:
OpenVPN started successfully.
Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.6.9-openssl-3.0.13/openvpn
--daemon
--log-append /Library/Application Support/Tunnelblick/Logs/-SUsers-S[REDACTED]-SLibrary-SApplication Support-STunnelblick-SConfigurations-S[REDACTED].tblk-SContents-SResources-Sconfig.ovpn.769_0_1_0_34652464.53608.openvpn.log
--cd /Library/Application Support/Tunnelblick/Users/[REDACTED]/[REDACTED].tblk/Contents/Resources
--machine-readable-output
--setenv IV_GUI_VER "net.tunnelblick.tunnelblick 5970 4.0.0 (build 5970)"
--verb 3
--config /Library/Application Support/Tunnelblick/Users/[REDACTED]/[REDACTED].tblk/Contents/Resources/config.ovpn
--setenv TUNNELBLICK_CONFIG_FOLDER /Library/Application Support/Tunnelblick/Users/[REDACTED]/[REDACTED].tblk/Contents/Resources
--verb 3
--cd /Library/Application Support/Tunnelblick/Users/[REDACTED]/[REDACTED].tblk/Contents/Resources
--management 127.0.0.1 53608 /Library/Application Support/Tunnelblick/Mips/[REDACTED].tblk.mip
--setenv IV_SSO webauth
--management-query-passwords
--management-hold
--script-security 2
--route-up /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
--down /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
2024-03-09 23:28:47.571582 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:62668
2024-03-09 23:28:47.585438 MANAGEMENT: CMD 'pid'
2024-03-09 23:28:47.585519 MANAGEMENT: CMD 'auth-retry interact'
2024-03-09 23:28:47.585560 MANAGEMENT: CMD 'state on'
2024-03-09 23:28:47.585597 MANAGEMENT: CMD 'state'
2024-03-09 23:28:47.585640 MANAGEMENT: CMD 'bytecount 1'
2024-03-09 23:28:47.586131 *Tunnelblick: Established communication with OpenVPN
2024-03-09 23:28:47.597591 *Tunnelblick: >INFO:OpenVPN Management Interface Version 5 -- type 'help' for more info
2024-03-09 23:28:47.598432 MANAGEMENT: CMD 'hold release'
2024-03-09 23:28:47.598611 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2024-03-09 23:28:47.606428 TCP/UDP: Preserving recently used remote address: [AF_INET][REDACTED]:[REDACTED]
2024-03-09 23:28:47.606552 Socket Buffers: R=[786896->786896] S=[9216->9216]
2024-03-09 23:28:47.606599 UDPv4 link local: (not bound)
2024-03-09 23:28:47.606707 UDPv4 link remote: [AF_INET][REDACTED]:[REDACTED]
2024-03-09 23:28:47.606754 MANAGEMENT: >STATE:1710012527,WAIT,,,,,,
2024-03-09 23:28:47.679401 MANAGEMENT: >STATE:1710012527,AUTH,,,,,,
2024-03-09 23:28:47.679513 TLS: Initial packet from [AF_INET][REDACTED]:[REDACTED], sid=4ef4472c 7f06b49e
2024-03-09 23:28:47.833356 VERIFY OK: depth=1, CN=[REDACTED]
2024-03-09 23:28:47.835496 VERIFY KU OK
2024-03-09 23:28:47.835545 Validating certificate extended key usage
2024-03-09 23:28:47.835580 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2024-03-09 23:28:47.835608 VERIFY EKU OK
2024-03-09 23:28:47.835627 VERIFY X509NAME OK: CN=s[REDACTED]
2024-03-09 23:28:47.835646 VERIFY OK: depth=0, CN=s[REDACTED]
2024-03-09 23:28:47.914307 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 256 bits ECprime256v1, signature: ecdsa-with-SHA256, peer temporary key: 256 bits ECprime256v1
2024-03-09 23:28:47.914445 [s[REDACTED]] Peer Connection Initiated with [AF_INET][REDACTED]:[REDACTED]
2024-03-09 23:28:47.914508 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2024-03-09 23:28:47.914633 TLS: tls_multi_process: initial untrusted session promoted to trusted
2024-03-09 23:28:47.985424 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 77.88.8.8,dhcp-option DNS 77.88.8.1,redirect-gateway def1 bypass-dhcp,route-gateway 10.8.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.8.0.3 255.255.255.0,peer-id 1,cipher AES-128-GCM'
2024-03-09 23:28:47.985700 OPTIONS IMPORT: --ifconfig/up options modified
2024-03-09 23:28:47.985746 OPTIONS IMPORT: route options modified
2024-03-09 23:28:47.985771 OPTIONS IMPORT: route-related options modified
2024-03-09 23:28:47.985794 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2024-03-09 23:28:47.987111 Opened utun device utun4
2024-03-09 23:28:47.987413 MANAGEMENT: >STATE:1710012527,ASSIGN_IP,,10.8.0.3,,,,
2024-03-09 23:28:47.987463 /sbin/ifconfig utun4 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2024-03-09 23:28:48.034732 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2024-03-09 23:28:48.034767 /sbin/ifconfig utun4 10.8.0.3 10.8.0.3 netmask 255.255.255.0 mtu 1500 up
2024-03-09 23:28:48.050284 /sbin/route add -net 10.8.0.0 10.8.0.3 255.255.255.0
add net 10.8.0.0: gateway 10.8.0.3
2024-03-09 23:28:48.062458 /sbin/route add -net [REDACTED] 192.168.88.1 255.255.255.255
add net [REDACTED]: gateway 192.168.88.1
2024-03-09 23:28:48.068054 /sbin/route add -net 0.0.0.0 10.8.0.1 128.0.0.0
add net 0.0.0.0: gateway 10.8.0.1
2024-03-09 23:28:48.073328 /sbin/route add -net 128.0.0.0 10.8.0.1 128.0.0.0
add net 128.0.0.0: gateway 10.8.0.1
23:28:48 *Tunnelblick: **********************************************
23:28:48 *Tunnelblick: Start of output from client.up.tunnelblick.sh
23:28:50 *Tunnelblick: Disabled IPv6 for 'iPhone USB'
23:28:50 *Tunnelblick: Disabled IPv6 for 'Outline'
23:28:50 *Tunnelblick: Disabled IPv6 for 'Home'
23:28:50 *Tunnelblick: Retrieved from OpenVPN: name server(s) [ 77.88.8.8 77.88.8.1 ], search domain(s) [ ] and SMB server(s) [ ] and using default domain name [ openvpn ]
23:28:50 *Tunnelblick: Not aggregating ServerAddresses because running on macOS 10.6 or higher
23:28:50 *Tunnelblick: Setting search domains to 'openvpn' because the search domains were not set manually (or are allowed to be changed) and 'Prepend domain name to search domains' was not selected
23:28:51 *Tunnelblick: Saved the DNS and SMB configurations so they can be restored
23:28:51 *Tunnelblick: Changed DNS ServerAddresses setting from '192.168.88.1' to '77.88.8.8 77.88.8.1'
23:28:51 *Tunnelblick: Changed DNS SearchDomains setting from 'home.belykh.online' to 'openvpn'
23:28:51 *Tunnelblick: Changed DNS DomainName setting from '' to 'openvpn'
23:28:51 *Tunnelblick: Did not change SMB NetBIOSName setting of ''
23:28:51 *Tunnelblick: Did not change SMB Workgroup setting of ''
23:28:51 *Tunnelblick: Did not change SMB WINSAddresses setting of ''
23:28:51 *Tunnelblick: DNS servers '77.88.8.8 77.88.8.1' will be used for DNS queries when the VPN is active
23:28:51 *Tunnelblick: The DNS servers include only free public DNS servers known to Tunnelblick.
23:28:51 *Tunnelblick: Flushed the DNS cache via dscacheutil
23:28:51 *Tunnelblick: /usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
23:28:51 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushed
23:28:51 *Tunnelblick: Not notifying mDNSResponderHelper that the DNS cache was flushed because it is not running
23:28:51 *Tunnelblick: Setting up to monitor system configuration with process-network-changes
23:28:51 *Tunnelblick: End of output from client.up.tunnelblick.sh
23:28:51 *Tunnelblick: **********************************************
2024-03-09 23:28:51.974861 Initialization Sequence Completed
2024-03-09 23:28:51.974875 MANAGEMENT: >STATE:1710012531,CONNECTED,SUCCESS,10.8.0.3,[REDACTED],[REDACTED],,
2024-03-09 23:28:51.974882 Data Channel: cipher 'AES-128-GCM', peer-id: 1
2024-03-09 23:28:51.974885 Timers: ping 10, ping-restart 120
2024-03-09 23:28:51.974888 Protocol options: explicit-exit-notify 1
2024-03-09 23:28:53.087981 *Tunnelblick: Warning: DNS server address 192.168.88.1 is being used but should not be used. That may indicate that more than one network interface is active. Tunnelblick does not support multiple active network interfaces.
2024-03-09 23:29:05.230914 *Tunnelblick: Disconnecting; VPN Details… window disconnect button pressed
2024-03-09 23:29:05.383051 *Tunnelblick: Disconnecting using 'kill'
2024-03-09 23:29:05.552793 event_wait : Interrupted system call (fd=-1,code=4)
2024-03-09 23:29:05.552854 SIGTERM received, sending exit notification to peer
2024-03-09 23:29:06.043746 /sbin/route delete -net [REDACTED] 192.168.88.1 255.255.255.255
delete net [REDACTED]: gateway 192.168.88.1
2024-03-09 23:29:06.049698 /sbin/route delete -net 0.0.0.0 10.8.0.1 128.0.0.0
delete net 0.0.0.0: gateway 10.8.0.1
2024-03-09 23:29:06.055925 /sbin/route delete -net 128.0.0.0 10.8.0.1 128.0.0.0
delete net 128.0.0.0: gateway 10.8.0.1
2024-03-09 23:29:06.062963 Closing TUN/TAP interface
2024-03-09 23:29:06.063549 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw utun4 1500 0 10.8.0.3 255.255.255.0 init
23:29:06 *Tunnelblick: **********************************************
23:29:06 *Tunnelblick: Start of output from client.down.tunnelblick.sh
23:29:06 *Tunnelblick: Cancelled monitoring system configuration changes
23:29:06 *Tunnelblick: Restored State:DNS
23:29:06 *Tunnelblick: Removed Setup:DNS
23:29:06 *Tunnelblick: Restored DNS and SMB settings
23:29:06 *Tunnelblick: Re-enabled IPv6 (automatic) for "iPhone USB"
23:29:06 *Tunnelblick: Re-enabled IPv6 (automatic) for "Outline"
23:29:06 *Tunnelblick: Re-enabled IPv6 (automatic) for "Home"
23:29:06 *Tunnelblick: Flushed the DNS cache with dscacheutil -flushcache
23:29:06 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushed
23:29:06 *Tunnelblick: Notified mDNSResponderHelper that the DNS cache was flushed
23:29:06 *Tunnelblick: End of output from client.down.tunnelblick.sh
23:29:06 *Tunnelblick: **********************************************
2024-03-09 23:29:06.337849 SIGTERM[soft,exit-with-notification] received, process exiting
2024-03-09 23:29:06.337858 MANAGEMENT: >STATE:1710012546,EXITING,exit-with-notification,,,,,
2024-03-09 23:29:06.801086 *Tunnelblick: Expected disconnection occurred.
================================================================================
Installer log:
Tunnelblick installer started 2024-03-09 15:54:27.111115; getuid() = 501; geteuid() = 0; getgid() = 20; getegid() = 20
currentDirectoryPath = '/'; 1 arguments:
0x0101
Determined username '[REDACTED]' from getuid(): 501
renamex_np() tests succeeded for /Applications
renamex_np() tests succeeded for /Library/Application Support/Tunnelblick
renamex_np() tests succeeded for /Users/[REDACTED]/Library/Application Support/Tunnelblick/Configurations
Replaced /Library/LaunchDaemons/net.tunnelblick.tunnelblick.tunnelblickd.plist
Used launchctl to load tunnelblickd
Kext is up-to-date: tunnelblick-tun.kext
Kext is up-to-date: tunnelblick-tap.kext
Tunnelblick installer succeeded
================================================================================
Down log:
23:29:06 *Tunnelblick: **********************************************
23:29:06 *Tunnelblick: Start of output from client.down.tunnelblick.sh
23:29:06 *Tunnelblick: Cancelled monitoring system configuration changes
23:29:06 *Tunnelblick: Restored State:DNS
23:29:06 *Tunnelblick: Removed Setup:DNS
23:29:06 *Tunnelblick: Removed State:SMB
23:29:06 *Tunnelblick: Restored DNS and SMB settings
23:29:06 *Tunnelblick: Re-enabled IPv6 (automatic) for "iPhone USB"
23:29:06 *Tunnelblick: Re-enabled IPv6 (automatic) for "Outline"
23:29:06 *Tunnelblick: Re-enabled IPv6 (automatic) for "Home"
23:29:06 *Tunnelblick: Flushed the DNS cache with dscacheutil -flushcache
23:29:06 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushed
23:29:06 *Tunnelblick: Notified mDNSResponderHelper that the DNS cache was flushed
23:29:06 *Tunnelblick: End of output from client.down.tunnelblick.sh
23:29:06 *Tunnelblick: **********************************************
================================================================================
Previous down log:
23:18:02 *Tunnelblick: **********************************************
23:18:02 *Tunnelblick: Start of output from client.down.tunnelblick.sh
23:18:02 *Tunnelblick: Cancelled monitoring system configuration changes
23:18:02 *Tunnelblick: Restored State:DNS
23:18:02 *Tunnelblick: Restored Setup:DNS
23:18:02 *Tunnelblick: Restored State:SMB
23:18:02 *Tunnelblick: Restored DNS and SMB settings
23:18:02 *Tunnelblick: Re-enabled IPv6 (automatic) for "iPhone USB"
23:18:02 *Tunnelblick: Re-enabled IPv6 (automatic) for "Outline"
23:18:02 *Tunnelblick: Re-enabled IPv6 (automatic) for "Home"
23:18:02 *Tunnelblick: Flushed the DNS cache with dscacheutil -flushcache
23:18:02 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushed
23:18:02 *Tunnelblick: End of output from client.down.tunnelblick.sh
23:18:02 *Tunnelblick: **********************************************
================================================================================
Network services:
An asterisk (*) denotes that a network service is disabled.
AX88179A
Wi-Fi
Thunderbolt Bridge
iPhone USB
Hetzner
[REDACTED]
Outline
Home
[REDACTED]
Wi-Fi Power (en0): On
================================================================================
ifconfig output:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
nd6 options=201<PERFORMNUD,DAD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
anpi0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether 8e:c3:ea:75:11:2e
media: none
status: inactive
anpi1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether 8e:c3:ea:75:11:2f
media: none
status: inactive
en3: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether 8e:c3:ea:75:11:0e
nd6 options=201<PERFORMNUD,DAD>
media: none
status: inactive
en5: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=404<VLAN_MTU,CHANNEL_IO>
ether f8:e4:3b:8d:75:47
inet 192.168.88.15 netmask 0xffffff00 broadcast 192.168.88.255
media: autoselect (1000baseT <full-duplex>)
status: active
en4: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether 8e:c3:ea:75:11:0f
nd6 options=201<PERFORMNUD,DAD>
media: none
status: inactive
en1: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=460<TSO4,TSO6,CHANNEL_IO>
ether 36:99:c1:d6:4f:c0
media: autoselect <full-duplex>
status: inactive
en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=460<TSO4,TSO6,CHANNEL_IO>
ether 36:99:c1:d6:4f:c4
media: autoselect <full-duplex>
status: inactive
bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=63<RXCSUM,TXCSUM,TSO4,TSO6>
ether 36:99:c1:d6:4f:c0
Configuration:
id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
ipfilter disabled flags 0x0
member: en1 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 9 priority 0 path cost 0
member: en2 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 10 priority 0 path cost 0
media: <unknown type>
status: inactive
ap1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=6460<TSO4,TSO6,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
ether 3e:57:dc:2a:ec:cb
inet6 fe80::3c57:dcff:fe2a:eccb%ap1 prefixlen 64 scopeid 0xc
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=6460<TSO4,TSO6,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
ether 1c:57:dc:2a:ec:cb
inet 192.168.88.14 netmask 0xffffff00 broadcast 192.168.88.255
media: autoselect
status: active
awdl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=6460<TSO4,TSO6,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
ether ae:48:d7:cb:2b:9b
inet6 fe80::ac48:d7ff:fecb:2b9b%awdl0 prefixlen 64 scopeid 0xe
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
llw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether ae:48:d7:cb:2b:9b
inet6 fe80::ac48:d7ff:fecb:2b9b%llw0 prefixlen 64 scopeid 0xf
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: inactive
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
inet6 fe80::8409:936b:aa70:9c56%utun0 prefixlen 64 scopeid 0x10
nd6 options=201<PERFORMNUD,DAD>
utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
inet6 fe80::9d44:4cb2:3ff:8b2a%utun1 prefixlen 64 scopeid 0x11
nd6 options=201<PERFORMNUD,DAD>
utun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1000
inet6 fe80::ce81:b1c:bd2c:69e%utun2 prefixlen 64 scopeid 0x12
nd6 options=201<PERFORMNUD,DAD>
utun3: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
inet6 fe80::cc54:9a3b:9344:a1f0%utun3 prefixlen 64 scopeid 0x13
nd6 options=201<PERFORMNUD,DAD>
================================================================================
Non-Apple kexts that are loaded:
Index Refs Address Size Wired Name (Version) UUID <Linked Against>
================================================================================
Quit Log:
2024-03-09 23:17:05.653424 applicationShouldTerminate: termination because of Quit; delayed until 'shutdownTunnelblick' finishes)
2024-03-09 23:17:05.657932 shutDownTunnelblick: started.
2024-03-09 23:17:05.659170 shutDownTunnelblick: Starting cleanup.
2024-03-09 23:17:05.659793 cleanup: Entering cleanup
2024-03-09 23:17:05.671146 synchronized user defaults
2024-03-09 23:17:06.576974 shutDownTunnelblick: Cleanup finished.
2024-03-09 23:17:06.578654 Finished shutting down Tunnelblick; allowing termination
================================================================================
Traces Log:
================================================================================
Console Log:
While what you said about resolv not used by most of macOS is true, there is also missing resolver at scutil —dns on main NIC i use after disconnect in DNS configuration (for scoped queries) section.
from tunnelblick.
jkbullard
commented on June 2, 2024
@belykhk - Thanks. We need extra logging information for the up/down scripts.
Please copy/paste the following into /Applications/Utilities/Terminal:
defaults write net.tunnelblick.tunnelblick DB-UP -bool yes
Then try to connect, and get the Diagnostic Info again. This time, you can just post the up and down script logs. That is, everything from "Start of output from client.up.tunnelblick.sh" through "End of output from client.up.tunnelblick.sh" plus everything from "Start of output from Start of output from client.down.tunnelblick.sh" through "End of output from client.down.tunnelblick.sh".
You can then disable the extra logging by copy/pasting:
defaults delete net.tunnelblick.tunnelblick DB-UP
from tunnelblick.
belykhk
commented on June 2, 2024
@jkbullard here is logs you asked:
client.up.tunnelblick.sh
12:25:49 *Tunnelblick: **********************************************
12:25:49 *Tunnelblick: Start of output from client.up.tunnelblick.sh
12:25:51 *Tunnelblick: Disabled IPv6 for 'iPhone USB'
12:25:51 *Tunnelblick: Disabled IPv6 for 'Outline'
12:25:51 *Tunnelblick: Disabled IPv6 for 'Home'
12:25:51 *Tunnelblick: DNS servers '192.168.88.1' will be used for DNS queries when the VPN is active
12:25:51 *Tunnelblick: NOTE: The DNS servers do not include any free public DNS servTunnelblick. This may cause DNS queries to fail or be intercepted or falsified even if they through the VPN. Specify only known public DNS servers or DNS servers located on the VPN netwsuch problems.
12:25:51 *Tunnelblick: Will not monitor for network configuration changes.
12:25:51 *Tunnelblick: Flushed the DNS cache via dscacheutil
12:25:51 *Tunnelblick: /usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
12:25:51 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushed
12:25:51 *Tunnelblick: Notified mDNSResponderHelper that the DNS cache was flushed
12:25:51 *Tunnelblick: End of output from client.up.tunnelblick.sh
12:25:51 *Tunnelblick: **********************************************
client.down.tunnelblick.sh
12:26:04 *Tunnelblick: **********************************************
12:26:04 *Tunnelblick: Start of output from client.down.tunnelblick.sh
12:26:04 *Tunnelblick: _________ 0.001 elapsed 0.000 user 0.000 system for run_prefix_or_suffix down-prefix.sh
12:26:04 *Tunnelblick: _________ 0.039 elapsed 0.009 user 0.025 system for get_info_saved_by_up_script
12:26:04 *Tunnelblick: _________ 0.003 elapsed 0.001 user 0.002 system for get_primary_service_id_and_warn_if_it_changed
Unload failed: 5: Input/output error
Try running `launchctl bootout` as root for richer errors.
12:26:04 *Tunnelblick: Cancelled monitoring system configuration changes
12:26:04 *Tunnelblick: _________ 0.008 elapsed 0.001 user 0.003 system for remove_leasewatcher
12:26:04 *Tunnelblick: _________ 0.000 elapsed 0.000 user 0.000 system for release_dhcp
12:26:04 *Tunnelblick: _________ No secondary services to be restored
12:26:04 *Tunnelblick: _________ 0.002 elapsed 0.000 user 0.002 system for restore_disabled_network_services
No such key
12:26:04 *Tunnelblick: Restored State:DNS
No such key
12:26:04 *Tunnelblick: Restored Setup:DNS
12:26:04 *Tunnelblick: Restored DNS and SMB settings
12:26:04 *Tunnelblick: _________ 0.048 elapsed 0.006 user 0.015 system for restore_network_settings
12:26:04 *Tunnelblick: Re-enabled IPv6 (automatic) for "iPhone USB"
12:26:04 *Tunnelblick: Re-enabled IPv6 (automatic) for "Outline"
12:26:04 *Tunnelblick: Re-enabled IPv6 (automatic) for "Home"
12:26:04 *Tunnelblick: _________ 0.056 elapsed 0.016 user 0.020 system for restore_ipv6
12:26:04 *Tunnelblick:
12:26:04 *Tunnelblick: _________ /etc/resolve AFTER CHANGES:
12:26:04 *Tunnelblick:
12:26:04 *Tunnelblick: _________ scutil --dns AFTER CHANGES
DNS configuration
resolver #1
flags : Request A records
reach : 0x00000000 (Not Reachable)
resolver #2
domain : local
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300000
resolver #3
domain : 254.169.in-addr.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300200
resolver #4
domain : 8.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300400
resolver #5
domain : 9.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300600
resolver #6
domain : a.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300800
resolver #7
domain : b.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 301000
resolver #8
domain : home.belykh.online
search domain[0] : home.belykh.online
nameserver[0] : 192.168.88.1
flags : Request A records
reach : 0x00020002 (Reachable,Directly Reachable Address)
DNS configuration (for scoped queries)
resolver #1
search domain[0] : home.belykh.online
nameserver[0] : 192.168.88.1
if_index : 13 (en0)
flags : Scoped, Request A records
reach : 0x00020002 (Reachable,Directly Reachable Address)
12:26:04 *Tunnelblick:
12:26:04 *Tunnelblick: _________ 0.016 elapsed 0.003 user 0.010 system for debug_log_current_network_settings
12:26:04 *Tunnelblick: Flushed the DNS cache with dscacheutil -flushcache
12:26:04 *Tunnelblick: _________ /usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
12:26:04 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushed
12:26:04 *Tunnelblick: _________ Not notifying mDNSResponderHelper that the DNS cache was flushed because it is not running
12:26:04 *Tunnelblick: _________ 0.034 elapsed 0.004 user 0.016 system for flushDNSCache
12:26:04 *Tunnelblick: _________ 0.001 elapsed 0.000 user 0.001 system for resetPrimaryInterface
No such key
No such key
No such key
No such key
No such key
12:26:04 *Tunnelblick: _________ 0.003 elapsed 0.001 user 0.001 system for remove_system_configuration_items
12:26:04 *Tunnelblick: _________ 0.000 elapsed 0.000 user 0.000 system for run_prefix_or_suffix down-suffix.sh
12:26:04 *Tunnelblick: End of output from client.down.tunnelblick.sh
12:26:04 *Tunnelblick: **********************************************
from tunnelblick.
jkbullard
commented on June 2, 2024
@yinanwang1 - Thanks. In the future, please report problems. We can't fix problems we don't know about!
from tunnelblick.
yinanwang1
commented on June 2, 2024
@yinanwang1 - Thanks. In the future, please report problems. We can't fix problems we don't know about!
Thanks for your reply. I copy the log from Tunnel Blick app, as follow:
2024-03-12 14:27:59.337986 *Tunnelblick: Disconnecting; VPN Details… window disconnect button pressed 2024-03-12 14:27:59.486868 *Tunnelblick: Disconnecting using 'kill' 2024-03-12 14:27:59.842362 event_wait : Interrupted system call (fd=-1,code=4) 2024-03-12 14:27:59.842598 /sbin/route delete -net 10.0.0.0 10.254.254.17 255.0.0.0 delete net 10.0.0.0: gateway 10.254.254.17 2024-03-12 14:27:59.844509 /sbin/route delete -net 10.254.254.1 10.254.254.17 255.255.255.255 delete net 10.254.254.1: gateway 10.254.254.17 2024-03-12 14:27:59.846017 Closing TUN/TAP interface 2024-03-12 14:27:59.846187 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw utun6 1500 0 10.254.254.18 10.254.254.17 init 14:27:59 *Tunnelblick: ********************************************** 14:27:59 *Tunnelblick: Start of output from client.down.tunnelblick.sh Unload failed: 5: Input/output error Try running launchctl bootout as root for richer errors. 14:27:59 *Tunnelblick: Cancelled monitoring system configuration changes No such key 14:27:59 *Tunnelblick: Restored State:DNS No such key 14:28:00 *Tunnelblick: Restored Setup:DNS 14:28:00 *Tunnelblick: Restored DNS and SMB settings 14:28:00 *Tunnelblick: Flushed the DNS cache with dscacheutil -flushcache 14:28:00 *Tunnelblick: Notified mDNSResponder that the DNS cache was flushed No such key No such key No such key No such key No such key 14:28:00 *Tunnelblick: End of output from client.down.tunnelblick.sh 14:28:00 *Tunnelblick: ********************************************** 2024-03-12 14:28:00.131885 SIGTERM[hard,] received, process exiting 2024-03-12 14:28:00.131896 MANAGEMENT: >STATE:1710224880,EXITING,SIGTERM,,,,, 2024-03-12 14:28:00.760598 *Tunnelblick: Expected disconnection occurred.
I hope it will help you to fix this problem. Thanks.
from tunnelblick.
jkbullard
commented on June 2, 2024
@yinanwang1 - Thank you.
from tunnelblick.
jkbullard
commented on June 2, 2024
The fix for this will be included in the next stable and beta versions of Tunnelblick. They should be available within the next day or so.
from tunnelblick.
Related Issues (20)
- An error occurred when using the configuration file of aws clientvpn HOT 2
- Dynamic challenge script AUTH_FAILED HOT 12
- Username with space improperly handled HOT 7
- Tunnelblick 4.0.0 not able to connect HOT 10
- TunnelBlick 4.0.0 - asking for passphrase with openssl 3.0.13 but no passphrase is required HOT 15
- "This copy of Tunnelblick has been tampered with" when restarting Tunnelblick after using VPN profile for first time HOT 7
- Asking for pass phrase when there is none defined for the connection HOT 1
- Apple just released TN3158, is Tunnelblick affected by anything they wrote? HOT 2
- Ping in IPv6 works, no web requests
- Tunnelblick does not start automatically HOT 6
- The icon width for top menu bar HOT 3
- When I connected to VPN I lose internet access HOT 1
- Upgrade to Macos or Tunnelblick has broken my VPN connection HOT 2
- IPv4 routes not created in dual-stack setup HOT 1
- Tunnelblick don't use the content of auth_failed_reason_file
- Tunnelblick not working on older macs with Sonoma 14.4.1 (OpenCore Patcher) HOT 1
- [Feature Req'] Whitelist/Blacklist which apps go via the vpn. HOT 2
- AES-NI
- Please have a security response in place for vulnerabilites
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from tunnelblick.