Utdrag från loggen:
*Tunnelblick: macOS 10.14.5; Tunnelblick 3.7.9a (build 5321); prior version 3.7.9 (build 5320); Admin user
git commit 3bc6323981ad473267f251beb8b8c77d2dc69510
Configuration Integrity_20190527
"Sanitized" condensed configuration file for /Library/Application Support/Tunnelblick/Shared/Integrity_20190527.tblk:
client
dev tun
proto udp
remote openvpn.integrity.st 1197
remote-random
resolv-retry infinite
reneg-sec 0
nobind
persist-key
persist-tun
ca ca.crt
tls-auth tls.key 1
verb 3
mute 10
auth-user-pass
explicit-exit-notify 2
cipher aes-256-cbc
auth SHA512
script-security 2
remote-cert-tls server
compress lzo
================================================================================
Files in Integrity_20190527.tblk:
Contents/Resources/ca.crt
Contents/Resources/tls.key
Contents/Resources/config.ovpn
================================================================================
Configuration preferences:
autoConnect = 1
-onSystemStart = 0
useDNS = 0
-runMtuTest = 0
-keychainHasUsernameAndPassword = 1
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
-doNotDisableIpv6onTun = 1
-alwaysShowLoginWindow = 0
-lastConnectionSucceeded = 1
================================================================================
Wildcard preferences:
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
================================================================================
Program preferences:
launchAtNextLogin = 1
tunnelblickVersionHistory = (
"3.7.9a (build 5321)",
"3.7.9 (build 5320)",
"3.7.8 (build 5180)"
)
lastLaunchTime = 582464035.663615
doNotShowSplashScreen = 0
showConnectedDurations = 1
lastLanguageAtLaunchWasRTL = 0
connectionWindowDisplayCriteria = showWhenConnectingAndConnected
maxLogDisplaySize = 102400
lastConnectedDisplayName = Integrity_20190527
keyboardShortcutIndex = 1
updateCheckAutomatically = 1
updateCheckBetas = 0
NSWindow Frame SettingsSheetWindow = 766 357 829 524 0 0 1680 1027
NSWindow Frame ConnectingWindow = 957 833 389 187 0 0 2304 1273
NSWindow Frame SUUpdateAlert = 530 495 620 392 0 0 1680 1027
detailsWindowFrameVersion = 5321
detailsWindowFrame = {{393, 508}, {920, 468}}
detailsWindowLeftFrame = {{0, 0}, {165, 350}}
detailsWindowViewIndex = 0
detailsWindowConfigurationsTabIdentifier = settings
leftNavSelectedDisplayName = Integrity_20190527
AdvancedWindowTabIdentifier = whileConnected
haveDealtWithOldTunTapPreferences = 1
haveDealtWithOldLoginItem = 1
haveDealtWithAfterDisconnect = 1
SUEnableAutomaticChecks = 1
SUScheduledCheckInterval = 86400
SULastCheckTime = 2019-06-18 11:18:45 +0000
SUHasLaunchedBefore = 1
WebKitDefaultFontSize = 16
WebKitStandardFont = Times
================================================================================
Tunnelblick Log:
2019-06-18 13:18:39.084102 *Tunnelblick: macOS 10.14.5; Tunnelblick 3.7.9a (build 5321); prior version 3.7.9 (build 5320)
2019-06-18 13:18:39.237214 *Tunnelblick: Attempting connection with Integrity_20190527; Set nameserver = 768; not monitoring connection
2019-06-18 13:18:39.237483 *Tunnelblick: openvpnstart start Integrity_20190527.tblk 64789 768 0 3 1 16688 -ptADGNWradsgnw 2.4.7-openssl-1.0.2r
2019-06-18 13:18:39.302281 *Tunnelblick: openvpnstart starting OpenVPN
2019-06-18 13:18:39.670714 OpenVPN 2.4.7 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Jun 3 2019
2019-06-18 13:18:39.670783 library versions: OpenSSL 1.0.2r 26 Feb 2019, LZO 2.10
2019-06-18 13:18:39.672143 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:64789
2019-06-18 13:18:39.672198 Need hold release from management interface, waiting...
2019-06-18 13:18:39.858657 *Tunnelblick: openvpnstart log:
OpenVPN started successfully.
Command used to start OpenVPN (one argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.4.7-openssl-1.0.2r/openvpn
--daemon
--log /Library/Application Support/Tunnelblick/Logs/-SLibrary-SApplication Support-STunnelblick-SShared-SIntegrity_20190527.tblk-SContents-SResources-Sconfig.ovpn.768_0_3_1_16688.64789.openvpn.log
--cd /Library/Application Support/Tunnelblick/Shared/Integrity_20190527.tblk/Contents/Resources
--machine-readable-output
--setenv IV_GUI_VER "net.tunnelblick.tunnelblick 5321 3.7.9a (build 5321)"
--verb 3
--config /Library/Application Support/Tunnelblick/Shared/Integrity_20190527.tblk/Contents/Resources/config.ovpn
--setenv TUNNELBLICK_CONFIG_FOLDER /Library/Application Support/Tunnelblick/Shared/Integrity_20190527.tblk/Contents/Resources
--verb 3
--cd /Library/Application Support/Tunnelblick/Shared/Integrity_20190527.tblk/Contents/Resources
--management 127.0.0.1 64789 /Library/Application Support/Tunnelblick/kpapkmbelcbiaengednbeemijneaadbfagalpgbn.mip
--management-query-passwords
--management-hold
--script-security 2
2019-06-18 13:18:39.868557 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:64789
2019-06-18 13:18:39.874499 MANAGEMENT: CMD 'pid'
2019-06-18 13:18:39.874559 MANAGEMENT: CMD 'auth-retry interact'
2019-06-18 13:18:39.874590 MANAGEMENT: CMD 'state on'
2019-06-18 13:18:39.874659 MANAGEMENT: CMD 'state'
2019-06-18 13:18:39.874722 MANAGEMENT: CMD 'bytecount 1'
2019-06-18 13:18:39.875037 *Tunnelblick: Established communication with OpenVPN
2019-06-18 13:18:39.875897 *Tunnelblick: >INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info
2019-06-18 13:18:39.878781 MANAGEMENT: CMD 'hold release'
2019-06-18 13:18:39.891412 *Tunnelblick: Obtained VPN username and password from the Keychain
2019-06-18 13:18:39.891643 MANAGEMENT: CMD 'username "Auth" "in027741"'
2019-06-18 13:18:39.891797 MANAGEMENT: CMD 'password [...]'
2019-06-18 13:18:39.896986 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2019-06-18 13:18:39.897018 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2019-06-18 13:18:39.897360 MANAGEMENT: >STATE:1560856719,RESOLVE,,,,,,
2019-06-18 13:18:42.405796 TCP/UDP: Preserving recently used remote address: [AF_INET]176.10.248.202:1197
2019-06-18 13:18:42.405924 Socket Buffers: R=[786896->786896] S=[9216->9216]
2019-06-18 13:18:42.405954 UDP link local: (not bound)
2019-06-18 13:18:42.405979 UDP link remote: [AF_INET]176.10.248.202:1197
2019-06-18 13:18:42.406204 MANAGEMENT: >STATE:1560856722,WAIT,,,,,,
2019-06-18 13:18:42.658333 MANAGEMENT: >STATE:1560856722,AUTH,,,,,,
2019-06-18 13:18:42.658378 TLS: Initial packet from [AF_INET]176.10.248.202:1197, sid=ddab8b94 ee0951c8
2019-06-18 13:18:42.658525 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2019-06-18 13:18:42.896643 VERIFY OK: depth=1, C=SE, ST=S, L=Stockholm, O=5july.org, OU=integrityvpn, CN=5july.org CA, name=integrityvpn, emailAddress=
admin@integrity.st
2019-06-18 13:18:42.899267 VERIFY KU OK
2019-06-18 13:18:42.899331 Validating certificate extended key usage
2019-06-18 13:18:42.899355 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2019-06-18 13:18:42.899373 VERIFY EKU OK
2019-06-18 13:18:42.899392 VERIFY OK: depth=0, C=SE, ST=S, L=Stockholm, O=5july.org, OU=integrityvpn, CN=integrityvpn, name=integrityvpn, emailAddress=
admin@integrity.st
2019-06-18 13:18:43.297798 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
2019-06-18 13:18:43.297899 [integrityvpn] Peer Connection Initiated with [AF_INET]176.10.248.202:1197
2019-06-18 13:18:44.571266 MANAGEMENT: >STATE:1560856724,GET_CONFIG,,,,,,
2019-06-18 13:18:44.571448 SENT CONTROL [integrityvpn]: 'PUSH_REQUEST' (status=1)
2019-06-18 13:18:44.617795 PUSH: Received control message: 'PUSH_REPLY,ifconfig-ipv6 fdf1:8056:6ebe:1::137/64 fdf1:8056:6ebe:1::1,route-gateway 10.251.16.1,topology subnet,route 176.10.248.202 255.255.255.255 net_gateway,redirect-gateway def1,dhcp-option DNS 213.80.98.2,dhcp-option DNS 213.80.101.3,dhcp-option DNS 79.136.77.113,tun-ipv6,route-ipv6 2000::/3,ping 5,ping-restart 30,ifconfig 10.251.16.57 255.255.255.0'
2019-06-18 13:18:44.618115 OPTIONS IMPORT: timers and/or timeouts modified
2019-06-18 13:18:44.618153 OPTIONS IMPORT: --ifconfig/up options modified
2019-06-18 13:18:44.618172 OPTIONS IMPORT: route options modified
2019-06-18 13:18:44.618189 OPTIONS IMPORT: route-related options modified
2019-06-18 13:18:44.618205 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2019-06-18 13:18:44.618413 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
2019-06-18 13:18:44.618443 Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
2019-06-18 13:18:44.618503 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
2019-06-18 13:18:44.618526 Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
2019-06-18 13:18:44.618969 GDG6: remote_host_ipv6=n/a
2019-06-18 13:18:44.619006 GDG6: problem writing to routing socket
2019-06-18 13:18:44.619117 Opening utun (connect(AF_SYS_CONTROL)): Resource busy (errno=16)
2019-06-18 13:18:44.619381 Opened utun device utun1
2019-06-18 13:18:44.619507 MANAGEMENT: >STATE:1560856724,ASSIGN_IP,,10.251.16.57,,,,,fdf1:8056:6ebe:1::137
2019-06-18 13:18:44.619567 /sbin/ifconfig utun1 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2019-06-18 13:18:44.630450 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2019-06-18 13:18:44.630539 /sbin/ifconfig utun1 10.251.16.57 10.251.16.57 netmask 255.255.255.0 mtu 1500 up
2019-06-18 13:18:44.633609 /sbin/route add -net 10.251.16.0 10.251.16.57 255.255.255.0
add net 10.251.16.0: gateway 10.251.16.57
2019-06-18 13:18:44.639449 /sbin/ifconfig utun1 inet6 fdf1:8056:6ebe:1::137/64
2019-06-18 13:18:44.643809 add_route_ipv6(fdf1:8056:6ebe:1::/64 -> fdf1:8056:6ebe:1::137 metric 0) dev utun1
2019-06-18 13:18:44.643862 /sbin/route add -inet6 fdf1:8056:6ebe:1:: -prefixlen 64 -iface utun1
route: writing to routing socket: File exists
add net fdf1:8056:6ebe:1::: gateway utun1: File exists
2019-06-18 13:18:44.648795 /sbin/route add -net 176.10.248.202 192.168.43.191 255.255.255.255
add net 176.10.248.202: gateway 192.168.43.191
2019-06-18 13:18:44.652341 /sbin/route add -net 0.0.0.0 10.251.16.1 128.0.0.0
add net 0.0.0.0: gateway 10.251.16.1
2019-06-18 13:18:44.655250 /sbin/route add -net 128.0.0.0 10.251.16.1 128.0.0.0
add net 128.0.0.0: gateway 10.251.16.1
2019-06-18 13:18:44.658414 MANAGEMENT: >STATE:1560856724,ADD_ROUTES,,,,,,
2019-06-18 13:18:44.658466 /sbin/route add -net 176.10.248.202 192.168.43.191 255.255.255.255
route: writing to routing socket: File exists
add net 176.10.248.202: gateway 192.168.43.191: File exists
2019-06-18 13:18:44.661649 add_route_ipv6(2000::/3 -> fdf1:8056:6ebe:1::1 metric -1) dev utun1
2019-06-18 13:18:44.661692 /sbin/route add -inet6 2000:: -prefixlen 3 -iface utun1
add net 2000::: gateway utun1
2019-06-18 13:18:44.665175 Initialization Sequence Completed
2019-06-18 13:18:44.665254 MANAGEMENT: >STATE:1560856724,CONNECTED,SUCCESS,10.251.16.57,176.10.248.202,1197,,,fdf1:8056:6ebe:1::137
2019-06-18 13:18:44.810744 *Tunnelblick: No 'connected.sh' script to execute
2019-06-18 13:18:44.874637 *Tunnelblick: DNS address 1.0.0.1 is being routed through the VPN
2019-06-18 13:18:44.980278 *Tunnelblick: DNS address 1.1.1.1 is being routed through the VPN
2019-06-18 13:18:45.086180 *Tunnelblick: DNS address 208.67.220.220 is being routed through the VPN
2019-06-18 13:18:45.414087 *Tunnelblick: DNS address 208.67.222.222 is being routed through the VPN
2019-06-18 13:18:45.414520 *Tunnelblick: DNS address 8.8.4.4 is being routed through the VPN
2019-06-18 13:18:45.414862 *Tunnelblick: DNS address 8.8.8.8 is being routed through the VPN
2019-06-18 13:18:50.459290 *Tunnelblick: This computer's apparent public IP address changed from 94.234.32.82 before connection to 176.10.248.203 after connection
================================================================================
Network services:
An asterisk (*) denotes that a network service is disabled.
USB 10/100/1000 LAN
Wi-Fi
Bluetooth PAN
Thunderbolt Bridge
Wi-Fi Power (en0): On
================================================================================
ifconfig output:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
nd6 options=201<PERFORMNUD,DAD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
XHC1: flags=0<> mtu 0
XHC20: flags=0<> mtu 0
XHC0: flags=0<> mtu 0
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 88:e9:fe:52:69:65
inet 192.168.43.207 netmask 0xffffff00 broadcast 192.168.43.255
media: autoselect
status: active
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
ether 0a:e9:fe:52:69:65
media: autoselect
status: inactive
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1484
ether 56:a0:5e:68:df:06
inet6 fe80::54a0:5eff:fe68:df06%awdl0 prefixlen 64 scopeid 0xa
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
en3: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=60<TSO4,TSO6>
ether f6:00:64:68:39:05
media: autoselect <full-duplex>
status: inactive
en4: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=60<TSO4,TSO6>
ether f6:00:64:68:39:04
media: autoselect <full-duplex>
status: inactive
en1: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=60<TSO4,TSO6>
ether f6:00:64:68:39:01
media: autoselect <full-duplex>
status: inactive
en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=60<TSO4,TSO6>
ether f6:00:64:68:39:00
media: autoselect <full-duplex>
status: inactive
bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=63<RXCSUM,TXCSUM,TSO4,TSO6>
ether f6:00:64:68:39:01
Configuration:
id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
ipfilter disabled flags 0x2
member: en1 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 13 priority 0 path cost 0
member: en2 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 14 priority 0 path cost 0
member: en3 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 11 priority 0 path cost 0
member: en4 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 12 priority 0 path cost 0
media: <unknown type>
status: inactive
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
inet6 fe80::61da:f845
5123%utun0 prefixlen 64 scopeid 0x10
nd6 options=201<PERFORMNUD,DAD>
en5: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether ac
48:00:11:22
inet6 fe80::aede:48ff:fe00:1122%en5 prefixlen 64 scopeid 0x7
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
inet 10.251.16.57 --> 10.251.16.57 netmask 0xffffff00
inet6 fe80::8ae9:feff:fe52:6965%utun1 prefixlen 64 scopeid 0x11
inet6 fdf1:8056:6ebe:1::137 prefixlen 64
nd6 options=201<PERFORMNUD,DAD>
================================================================================
Non-Apple kexts that are loaded:
Index Refs Address Size Wired Name (Version) UUID <Linked Against>
83 0 0xffffff7f80f8d000 0x5000 0x5000 com.bitdefender.SelfProtect (1.2.12) 495EE2DC-C38A-30F1-8CD4-C65BD5287D51 <6 5 3 2 1>
169 0 0xffffff7f83baf000 0x8000 0x8000 com.malwarebytes.mbam.rtprotection (3.8.17) F585CC73-569E-3704-9AA7-BDE0EC278F93 <6 5 3 1>
170 0 0xffffff7f80f82000 0x6000 0x6000 com.bitdefender.FileProtect (1) 20EFA938-77E4-390A-9ED8-94E812C1E7BE <6 5 1>
171 0 0xffffff7f80d11000 0x3000 0x3000 com.bitdefender.TMProtection (5.0.0) 8E4E6537-0E08-3AF8-AE4C-4C5AA13E6927 <5 1>
172 0 0xffffff7f83bb7000 0x15000 0x15000 com.google.drivefs.filesystems.dfsfuse (31.0.16) 2711E483-44C6-3200-A9A7-C501A6382A73 <8 6 5 3 1>
================================================================================
Console Log:
2019-06-18 13:18:39.083515 Tunnelblick[37678] Cleared 'expect disconnect 0 -SLibrary-SApplication Support-STunnelblick-SShared-SIntegrity_20190527-Dtblk-SContents-SResources'