Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1552', remote='link-mtu 1544'
- WARNING: 'cipher' is used inconsistently, local='cipher AES-256-GCM', remote='cipher BF-CBC'
- WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA1'
- WARNING: 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
- [openvpn]
- accept = 44444
- connect = 127.0.0.1:1194
- ciphers = DHE-RSA-AES256-SHA256
- [sslssh]
- accept = 55555
- connect = 127.0.0.1:22
- client = yes
- accept = 127.0.0.1:11194
- connect = <my_ip>:44444
- ;cert = /usr/local/etc/stunnel/cert.pem
- ;connect = 192.168.255.25:44444
- ciphers = DHE-RSA-AES256-SHA256
- [sslssh]
- client = yes
- accept = 127.0.0.1:2222
- connect = <my_IP>:55555
- remote localhost 11194
- proto tcp
- remote-cert-tls server
- client
- dev tun
- resolv-retry infinite
- keepalive 10 120
- nobind
- comp-lzo
- verb 3
- port 1194
- proto tcp
- dev tun
- comp-lzo
- keepalive 10 120
- persist-key
- persist-tun
- user nobody
- group nogroup
- chroot /etc/openvpn/easy-rsa/keys/crl.jail
- crl-verify crl.pem
- ca /etc/openvpn/easy-rsa/keys/ca.crt
- dh /etc/openvpn/easy-rsa/keys/dh2048.pem
- tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
- key /etc/openvpn/easy-rsa/keys/server.key
- cert /etc/openvpn/easy-rsa/keys/server.crt
- ifconfig-pool-persist /var/lib/openvpn/server.ipp
- client-config-dir /etc/openvpn/server.ccd
- status /var/log/openvpn/server.log
- verb 4
- 2019-05-27 14:10:53 *Tunnelblick: openvpnstart starting OpenVPN
- *Tunnelblick: OS X 10.14.6; Tunnelblick 3.7.5a (build 5011); prior version 3.4.0 (build 4007)
- 2019-05-27 14:10:53 *Tunnelblick: Attempting connection with mikewarde_tcp_stunnel using shadow copy; Set nameserver = 769; monitoring connection
- 2019-05-27 14:10:53 *Tunnelblick: openvpnstart start mikewarde_tcp_stunnel.tblk 1337 769 0 1 0 1065264 -ptADGNWradsgnw 2.4.4-openssl-1.0.2o
- 2019-05-27 14:10:54 *Tunnelblick: openvpnstart log:
- OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):
- /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.4.4-openssl-1.0.2o/openvpn
- --daemon
- --log
- /Library/Application Support/Tunnelblick/Logs/-SUsers-Smikewarde-SLibrary-SApplication Support-STunnelblick-SConfigurations-Smikewarde_tcp_stunnel.tblk-SContents-SResources-Sconfig.ovpn.769_0_1_0_1065264.1337.openvpn.log
- --cd
- /Library/Application Support/Tunnelblick/Users/mikewarde/mikewarde_tcp_stunnel.tblk/Contents/Resources
- --setenv
- IV_GUI_VER
- "net.tunnelblick.tunnelblick 5011 3.7.5a (build 5011)"
- --verb
- 3
- --config
- /Library/Application Support/Tunnelblick/Users/mikewarde/mikewarde_tcp_stunnel.tblk/Contents/Resources/config.ovpn
- --verb
- 3
- --cd
- /Library/Application Support/Tunnelblick/Users/mikewarde/mikewarde_tcp_stunnel.tblk/Contents/Resources
- --management
- 127.0.0.1
- 1337
- /Library/Application Support/Tunnelblick/fognhooiggkindigaihckcifckpilcfpnmgdikmh.mip
- --management-query-passwords
- --management-hold
- --script-security
- 2
- --up
- /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
- --down
- /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
- 2019-05-27 14:10:54 *Tunnelblick: Established communication with OpenVPN
- 2019-05-27 14:10:54 OpenVPN 2.4.4 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Mar 27 2018
- 2019-05-27 14:10:54 library versions: OpenSSL 1.0.2o 27 Mar 2018, LZO 2.10
- 2019-05-27 14:10:54 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1337
- 2019-05-27 14:10:54 Need hold release from management interface, waiting...
- 2019-05-27 14:10:54 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1337
- 2019-05-27 14:10:54 MANAGEMENT: CMD 'pid'
- 2019-05-27 14:10:54 MANAGEMENT: CMD 'state on'
- 2019-05-27 14:10:54 MANAGEMENT: CMD 'state'
- 2019-05-27 14:10:54 MANAGEMENT: CMD 'bytecount 1'
- 2019-05-27 14:10:54 MANAGEMENT: CMD 'hold release'
- 2019-05-27 14:10:54 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
- 2019-05-27 14:10:54 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
- 2019-05-27 14:10:54 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
- 2019-05-27 14:10:54 MANAGEMENT: >STATE:1558962654,RESOLVE,,,,,,
- 2019-05-27 14:10:54 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:11194
- 2019-05-27 14:10:54 Socket Buffers: R=[131072->131072] S=[131072->131072]
- 2019-05-27 14:10:54 Attempting to establish TCP connection with [AF_INET]127.0.0.1:11194 [nonblock]
- 2019-05-27 14:10:54 MANAGEMENT: >STATE:1558962654,TCP_CONNECT,,,,,,
- 2019-05-27 14:10:55 TCP connection established with [AF_INET]127.0.0.1:11194
- 2019-05-27 14:10:55 TCP_CLIENT link local: (not bound)
- 2019-05-27 14:10:55 TCP_CLIENT link remote: [AF_INET]127.0.0.1:11194
- 2019-05-27 14:10:55 MANAGEMENT: >STATE:1558962655,WAIT,,,,,,
- 2019-05-27 14:10:55 MANAGEMENT: >STATE:1558962655,AUTH,,,,,,
- 2019-05-27 14:10:55 TLS: Initial packet from [AF_INET]127.0.0.1:11194, sid=c58c277c 5918dc12
- 2019-05-27 14:10:55 VERIFY OK: depth=1, C=US, ST=CA, L=San Francisco, O=TurnKey Linux, OU=OpenVPN, CN=server, name=openvpn, emailAddress=vpn@radged.com
- 2019-05-27 14:10:55 VERIFY KU OK
- 2019-05-27 14:10:55 Validating certificate extended key usage
- 2019-05-27 14:10:55 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
- 2019-05-27 14:10:55 VERIFY EKU OK
- 2019-05-27 14:10:55 VERIFY OK: depth=0, C=US, ST=CA, L=San Francisco, O=TurnKey Linux, OU=OpenVPN, CN=server, name=openvpn, emailAddress=vpn@radged.com
- 2019-05-27 14:10:55 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
- 2019-05-27 14:10:55 [server] Peer Connection Initiated with [AF_INET]127.0.0.1:11194
- 2019-05-27 14:10:57 MANAGEMENT: >STATE:1558962657,GET_CONFIG,,,,,,
- 2019-05-27 14:10:57 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
- 2019-05-27 14:10:57 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.222.29.1,topology net30,ping 10,ping-restart 120,ifconfig 10.222.29.6 10.222.29.5,peer-id 0,cipher AES-256-GCM'
- 2019-05-27 14:10:57 OPTIONS IMPORT: timers and/or timeouts modified
- 2019-05-27 14:10:57 OPTIONS IMPORT: --ifconfig/up options modified
- 2019-05-27 14:10:57 OPTIONS IMPORT: route options modified
- 2019-05-27 14:10:57 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
- 2019-05-27 14:10:57 OPTIONS IMPORT: peer-id set
- 2019-05-27 14:10:57 OPTIONS IMPORT: adjusting link_mtu to 1627
- 2019-05-27 14:10:57 OPTIONS IMPORT: data channel crypto options modified
- 2019-05-27 14:10:57 Data Channel: using negotiated cipher 'AES-256-GCM'
- 2019-05-27 14:10:57 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
- 2019-05-27 14:10:57 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
- 2019-05-27 14:10:57 Opening utun (connect(AF_SYS_CONTROL)): Resource busy (errno=16)
- 2019-05-27 14:10:57 Opening utun (connect(AF_SYS_CONTROL)): Resource busy (errno=16)
- 2019-05-27 14:10:57 Opened utun device utun2
- 2019-05-27 14:10:57 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
- 2019-05-27 14:10:57 MANAGEMENT: >STATE:1558962657,ASSIGN_IP,,10.222.29.6,,,,
- 2019-05-27 14:10:57 /sbin/ifconfig utun2 delete
- ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
- 2019-05-27 14:10:57 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
- 2019-05-27 14:10:57 /sbin/ifconfig utun2 10.222.29.6 10.222.29.5 mtu 1500 netmask 255.255.255.255 up
- 2019-05-27 14:10:57 /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw utun2 1500 1555 10.222.29.6 10.222.29.5 init
- **********************************************
- Start of output from client.up.tunnelblick.sh
- Disabled IPv6 for 'iPhone USB'
- Disabled IPv6 for 'Wi-Fi'
- Disabled IPv6 for 'Bluetooth PAN'
- Disabled IPv6 for 'Thunderbolt Bridge'
- Retrieved from OpenVPN: name server(s) [ 208.67.222.222 208.67.220.220 ], search domain(s) [ ] and SMB server(s) [ ] and using default domain name [ openvpn ]
- WARNING: Ignoring ServerAddresses '208.67.222.222 208.67.220.220' because ServerAddresses was set manually and '-allowChangesToManuallySetNetworkSettings' was not specified
- Setting search domains to 'openvpn' because running under OS X 10.6 or higher and the search domains were not set manually (or are allowed to be changed) and 'Prepend domain name to search domains' was not selected
- Saved the DNS and SMB configurations so they can be restored
- Did not change DNS ServerAddresses setting of '1.1.1.1 1.0.0.1' (but re-set it)
- Changed DNS SearchDomains setting from '' to 'openvpn'
- Changed DNS DomainName setting from '' to 'openvpn'
- Did not change SMB NetBIOSName setting of ''
- Did not change SMB Workgroup setting of ''
- Did not change SMB WINSAddresses setting of ''
- DNS servers '1.1.1.1 1.0.0.1' were set manually
- DNS servers '1.1.1.1 1.0.0.1' will be used for DNS queries when the VPN is active
- NOTE: The DNS servers do not include any free public DNS servers known to Tunnelblick. This may cause DNS queries to fail or be intercepted or falsified even if they are directed through the VPN. Specify only known public DNS servers or DNS servers located on the VPN network to avoid such problems.
- Flushed the DNS cache via dscacheutil
- /usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
- Notified mDNSResponder that the DNS cache was flushed
- Setting up to monitor system configuration with process-network-changes
- End of output from client.up.tunnelblick.sh
- **********************************************
- 2019-05-27 14:11:00 *Tunnelblick: No 'connected.sh' script to execute
- 2019-05-27 14:11:00 /sbin/route add -net 127.0.0.1 192.168.255.1 255.255.255.255
- add net 127.0.0.1: gateway 192.168.255.1
- 2019-05-27 14:11:00 /sbin/route add -net 0.0.0.0 10.222.29.5 128.0.0.0
- add net 0.0.0.0: gateway 10.222.29.5
- 2019-05-27 14:11:00 /sbin/route add -net 128.0.0.0 10.222.29.5 128.0.0.0
- add net 128.0.0.0: gateway 10.222.29.5
- 2019-05-27 14:11:00 MANAGEMENT: >STATE:1558962660,ADD_ROUTES,,,,,,
- 2019-05-27 14:11:00 /sbin/route add -net 10.222.29.1 10.222.29.5 255.255.255.255
- add net 10.222.29.1: gateway 10.222.29.5
- 2019-05-27 14:11:00 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
- 2019-05-27 14:11:00 Initialization Sequence Completed
- 2019-05-27 14:11:00 MANAGEMENT: >STATE:1558962660,CONNECTED,SUCCESS,10.222.29.6,127.0.0.1,11194,127.0.0.1,55166
- 2019-05-27 14:11:24 Connection reset, restarting [-1]
- 2019-05-27 14:11:24 /sbin/route delete -net 10.222.29.1 10.222.29.5 255.255.255.255
- delete net 10.222.29.1: gateway 10.222.29.5
- 2019-05-27 14:11:24 /sbin/route delete -net 127.0.0.1 192.168.255.1 255.255.255.255
- delete net 127.0.0.1: gateway 192.168.255.1
- 2019-05-27 14:11:24 /sbin/route delete -net 0.0.0.0 10.222.29.5 128.0.0.0
- delete net 0.0.0.0: gateway 10.222.29.5
- 2019-05-27 14:11:24 /sbin/route delete -net 128.0.0.0 10.222.29.5 128.0.0.0
- delete net 128.0.0.0: gateway 10.222.29.5
- 2019-05-27 14:11:24 Closing TUN/TAP interface
- 2019-05-27 14:11:24 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw utun2 1500 1555 10.222.29.6 10.222.29.5 init
- **********************************************
- Start of output from client.down.tunnelblick.sh
- Cancelled monitoring of system configuration changes
- Restored the DNS and SMB configurations
- Re-enabled IPv6 (automatic) for 'iPhone USB'
- Re-enabled IPv6 (automatic) for 'Wi-Fi'
- Re-enabled IPv6 (automatic) for 'Bluetooth PAN'
- Re-enabled IPv6 (automatic) for 'Thunderbolt Bridge'
- Flushed the DNS cache via dscacheutil
- /usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
- Notified mDNSResponder that the DNS cache was flushed
- End of output from client.down.tunnelblick.sh
- **********************************************
- 2019-05-27 14:11:25 SIGUSR1[soft,connection-reset] received, process restarting
- 2019-05-27 14:11:25 MANAGEMENT: >STATE:1558962685,RECONNECTING,connection-reset,,,,,
- 2019-05-27 14:11:25 *Tunnelblick: No 'reconnecting.sh' script to execute
- 2019-05-27 14:11:25 MANAGEMENT: CMD 'hold release'
- 2019-05-27 14:11:25 MANAGEMENT: CMD 'hold release'
- 2019-05-27 14:11:25 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
- 2019-05-27 14:11:25 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
- 2019-05-27 14:11:25 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
- 2019-05-27 14:11:25 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:11194
- 2019-05-27 14:11:25 Socket Buffers: R=[131072->131072] S=[131072->131072]
- 2019-05-27 14:11:25 Attempting to establish TCP connection with [AF_INET]127.0.0.1:11194 [nonblock]
- 2019-05-27 14:11:25 MANAGEMENT: >STATE:1558962685,TCP_CONNECT,,,,,,
- 2019-05-27 14:11:26 TCP connection established with [AF_INET]127.0.0.1:11194
- 2019-05-27 14:11:26 TCP_CLIENT link local: (not bound)
- 2019-05-27 14:11:26 TCP_CLIENT link remote: [AF_INET]127.0.0.1:11194
- 2019-05-27 14:11:26 MANAGEMENT: >STATE:1558962686,WAIT,,,,,,
- 2019-05-27 14:11:26 MANAGEMENT: >STATE:1558962686,AUTH,,,,,,
- 2019-05-27 14:11:26 TLS: Initial packet from [AF_INET]127.0.0.1:11194, sid=072914d3 4912c8a0
- 2019-05-27 14:11:26 VERIFY OK: depth=1, C=US, ST=CA, L=San Francisco, O=TurnKey Linux, OU=OpenVPN, CN=server, name=openvpn, emailAddress=vpn@radged.com
- 2019-05-27 14:11:26 VERIFY KU OK
- 2019-05-27 14:11:26 Validating certificate extended key usage
- 2019-05-27 14:11:26 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
- 2019-05-27 14:11:26 VERIFY EKU OK
- 2019-05-27 14:11:26 VERIFY OK: depth=0, C=US, ST=CA, L=San Francisco, O=TurnKey Linux, OU=OpenVPN, CN=server, name=openvpn, emailAddress=vpn@radged.com
- 2019-05-27 14:11:26 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1552', remote='link-mtu 1544'
- 2019-05-27 14:11:26 WARNING: 'cipher' is used inconsistently, local='cipher AES-256-GCM', remote='cipher BF-CBC'
- 2019-05-27 14:11:26 WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA1'
- 2019-05-27 14:11:26 WARNING: 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
- 2019-05-27 14:11:26 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
- 2019-05-27 14:11:26 [server] Peer Connection Initiated with [AF_INET]127.0.0.1:11194
- 2019-05-27 14:11:26 *Tunnelblick: Disconnecting; notification window disconnect button pressed
- 2019-05-27 14:11:27 *Tunnelblick: No 'pre-disconnect.sh' script to execute
- 2019-05-27 14:11:27 *Tunnelblick: Disconnecting using 'kill'
- 2019-05-27 14:11:27 event_wait : Interrupted system call (code=4)
- 2019-05-27 14:11:27 SIGTERM[hard,] received, process exiting
- 2019-05-27 14:11:27 MANAGEMENT: >STATE:1558962687,EXITING,SIGTERM,,,,,
- 2019-05-27 14:11:27 *Tunnelblick: No 'post-disconnect.sh' script to execute
- 2019-05-27 14:11:27 *Tunnelblick: Expected disconnection occurred.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement