Tunnelblick over stunnel - connects but does not work - stunnel-users

10 Nov 2017


      Hi!
As OpenVPN seems to become banned in increasing number of countries, I had
to look for a way to foil DPI. Wrapping OpenVPN traffic into stunnel
SSL-secured connection seems promising but... On Windows machine it really
works just fine. But on macOS it connects, but then no surfing or other
Internet application works whatsoever. Looks like DNS problem but may be
it's different...
Moreover, in 40 secs or so Tunnelblick disconnects with message "2017-11-10
00:08:54 *Tunnelblick: After 30.0 seconds, gave up trying to fetch IP
address information using the ipInfo host's name after connecting.
2017-11-10 00:09:30 *Tunnelblick: After 30.0 seconds, gave up trying to
fetch IP address information using the ipInfo host's IP address after
connecting". Then it tries to connect again but never succeeds and cycles
forever.
Please find stunnel config and Tunnelblik full log below. Would appreciate
any help!
[STUNNEL]
$ stunnel -version
stunnel 5.23 on x86_64-apple-darwin14.5.0 platform
Compiled with OpenSSL 0.9.8zd 8 Jan 2015
Running  with OpenSSL 0.9.8zh 14 Jan 2016
Update OpenSSL shared libraries or rebuild stunnel
Threading:PTHREAD Sockets:POLL,IPv6 TLS:ENGINE,OCSP
Global options:
debug                  = daemon.notice
RNDbytes               = 64
RNDfile                = /dev/urandom
RNDoverwrite           = yes
Service-level options:
ciphers                = HIGH:+3DES:+DH:!aNULL:!SSLv2
curve                  = prime256v1
debug                  = notice
logId                  = sequential
options                = NO_SSLv2
options                = NO_SSLv3
sessionCacheSize       = 1000
sessionCacheTimeout    = 300 seconds
stack                  = 65536 bytes
TIMEOUTbusy            = 300 seconds
TIMEOUTclose           = 60 seconds
TIMEOUTconnect         = 10 seconds
TIMEOUTidle            = 43200 seconds
verify                 = none
stunnel.conf file:
cert=stunnel.pem
options=NO_SSLv2
[openvpn]
client=yes
accept=localhost:989
connect=X.X.X.X:990
[TUNNELBLICK]
*Tunnelblick: OS X 10.12.6; Tunnelblick 3.7.4 (build 4900); prior version
3.7.3 (build 4880); Standard user
git commit 0f68fae3cabe6b2ebdc9fbb3054232074c03bbfb
Configuration client2_pc_stunnel
"Sanitized" condensed configuration file for /Library/Application
Support/Tunnelblick/Shared/client2_pc_stunnel.tblk:
client
dev tun
proto tcp
remote 127.0.0.1 989
resolv-retry infinite
nobind
persist-key
persist-tun
verb 3
remote-cert-tls server
keepalive 10 120
tls-client
key-direction 1
<ca>
[Security-related line(s) omitted]
</ca>
<cert>
[Security-related line(s) omitted]
</cert>
<key>
[Security-related line(s) omitted]
</key>
<tls-auth>
[Security-related line(s) omitted]
</tls-auth>
================================================================================
XXX
================================================================================
There are no unusual files in client2_pc_stunnel.tblk
================================================================================
Configuration preferences:
useDNS = 1
-notMonitoringConnection = 0
-resetPrimaryInterfaceAfterDisconnect = 1
-routeAllTrafficThroughVpn = 1
-runMtuTest = 0
-doNotFlushCache = 0
-useRouteUpInsteadOfUp = 1
-openvpnVersion = -
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
-keepConnected = 1
-lastConnectionSucceeded = 1
-prependDomainNameToSearchDomains = 1
================================================================================
Wildcard preferences:
-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
================================================================================
Program preferences:
skipWarningAboutNonAdminUpdatingTunnelblick = 1
skipWarningThatIPANotFetchedBeforeConnection = 1
skipWarningThatInternetIsNotReachable = 1
skipWarningAboutPlacingIconNearTheSpotlightIcon = 1
placeIconInStandardPositionInStatusBar = 0
launchAtNextLogin = 1
notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0
tunnelblickVersionHistory = (
    "3.7.4 (build 4900)",
    "3.7.3 (build 4880)",
    "3.7.2a (build 4851)",
    "3.7.2 (build 4850)",
    "3.7.1b (build 4813)",
    "3.7.1a (build 4812)",
    "3.7.1 (build 4811)",
    "3.7.0 (build 4790)",
    "3.6.9 (build 4685)",
    "3.6.8 (build 4625)"
)
statusDisplayNumber = 0
lastLaunchTime = 531944638.592689
showConnectedDurations = 1
lastLanguageAtLaunchWasRTL = 0
connectionWindowDisplayCriteria = showWhenConnecting
maxLogDisplaySize = 102400
lastConnectedDisplayName = client2_pc_stunnel
keyboardShortcutIndex = 1
updateCheckAutomatically = 1
NSWindow Frame SettingsSheetWindow = 367 167 829 524 0 0 1280 777
NSWindow Frame ConnectingWindow = 469 442 389 187 0 0 1280 777
NSWindow Frame SUStatusFrame = 624 664 400 129 0 0 1600 877
NSWindow Frame SUUpdateAlert = 516 363 620 392 0 0 1600 877
NSWindow Frame ListingWindow = 64 330 500 422 0 0 1280 777
detailsWindowFrameVersion = 4900
detailsWindowFrame = {{48, 0}, {1232, 777}}
detailsWindowLeftFrame = {{0, 0}, {224, 659}}
detailsWindowViewIndex = 0
detailsWindowConfigurationsTabIdentifier = log
leftNavSelectedDisplayName = client2_pc_stunnel
AdvancedWindowTabIdentifier = whileConnected
haveDealtWithOldTunTapPreferences = 1
haveDealtWithOldLoginItem = 1
SUEnableAutomaticChecks = 1
SUFeedURL = https://www.tunnelblick.net/appcast-s.rss
SUScheduledCheckInterval = 86400
SUSendProfileInfo = 1
SULastCheckTime = 2017-11-09 18:24:28 +0000
SULastProfileSubmissionDate = 2017-11-08 18:10:57 +0000
SUHasLaunchedBefore = 1
WebKitDefaultFontSize = 11
WebKitStandardFont = .AppleSystemUIFont
askedUserIfOKToCheckThatIPAddressDidNotChangeAfterConnection = 1
haveDealtWithSparkle1dot5b6 = 1
tunnelblickdHash =
004cdba8e08abd144bc48409040bc80e29c12ee9741ed7d73754f51d2547f7ea
tunnelblickdPlistHash =
ce400d395d1801b003398461b5420021f4d591822783a04b79b2f43956d28620
updateSendProfileInfo = 1
================================================================================
Tunnelblick Log:
*Tunnelblick: OS X 10.12.6; Tunnelblick 3.7.4 (build 4900); prior version
3.7.3 (build 4880)
2017-11-10 00:08:03 *Tunnelblick: Attempting connection with
client2_pc_stunnel; Set nameserver = 769; monitoring connection
2017-11-10 00:08:03 *Tunnelblick: openvpnstart start
client2_pc_stunnel.tblk 1337 769 0 3 0 1099696 -ptADGNWradsgnw
2.4.4-libressl-2.5.5
2017-11-10 00:08:03 *Tunnelblick: openvpnstart log:
     OpenVPN started successfully. Command used to start OpenVPN (one
argument per displayed line):
/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.4.4-libressl-2.5.5/openvpn
          --daemon
          --log
          /Library/Application
Support/Tunnelblick/Logs/-SLibrary-SApplication
Support-STunnelblick-SShared-Sclient2_pc_stunnel.tblk-SContents-SResources-Sconfig.ovpn.769_0_3_0_1099696.1337.openvpn.log
          --cd
          /Library/Application
Support/Tunnelblick/Shared/client2_pc_stunnel.tblk/Contents/Resources
          --setenv
          IV_GUI_VER
          "net.tunnelblick.tunnelblick 4900 3.7.4 (build 4900)"
          --verb
          3
          --config
          /Library/Application
Support/Tunnelblick/Shared/client2_pc_stunnel.tblk/Contents/Resources/config.ovpn
          --verb
          3
          --cd
          /Library/Application
Support/Tunnelblick/Shared/client2_pc_stunnel.tblk/Contents/Resources
          --management
          127.0.0.1
          1337
          --management-query-passwords
          --management-hold
          --redirect-gateway
          def1
          --script-security
          2
          --route-up
          /Applications/Tunnelblick.app/Contents/Resources/
client.up.tunnelblick.sh -9 -d -f -m -p -r -w -ptADGNWradsgnw
          --down
          /Applications/Tunnelblick.app/Contents/Resources/
client.down.tunnelblick.sh -9 -d -f -m -p -r -w -ptADGNWradsgnw
2017-11-10 00:08:03 OpenVPN 2.4.4 x86_64-apple-darwin [SSL (OpenSSL)] [LZO]
[LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Nov  2 2017
2017-11-10 00:08:03 library versions: LibreSSL 2.5.5, LZO 2.10
2017-11-10 00:08:03 MANAGEMENT: TCP Socket listening on [AF_INET]
127.0.0.1:1337
2017-11-10 00:08:03 Need hold release from management interface, waiting...
2017-11-10 00:08:03 MANAGEMENT: Client connected from [AF_INET]
127.0.0.1:1337
2017-11-10 00:08:03 *Tunnelblick: openvpnstart starting OpenVPN
2017-11-10 00:08:04 *Tunnelblick: Established communication with OpenVPN
2017-11-10 00:08:04 MANAGEMENT: CMD 'pid'
2017-11-10 00:08:04 MANAGEMENT: CMD 'state on'
2017-11-10 00:08:04 MANAGEMENT: CMD 'state'
2017-11-10 00:08:04 MANAGEMENT: CMD 'bytecount 1'
2017-11-10 00:08:04 MANAGEMENT: CMD 'hold release'
2017-11-10 00:08:04 NOTE: the current --script-security setting may allow
this configuration to call user-defined scripts
2017-11-10 00:08:04 Outgoing Control Channel Authentication: Using 160 bit
message hash 'SHA1' for HMAC authentication
2017-11-10 00:08:04 Incoming Control Channel Authentication: Using 160 bit
message hash 'SHA1' for HMAC authentication
2017-11-10 00:08:04 TCP/UDP: Preserving recently used remote address:
[AF_INET]127.0.0.1:989
2017-11-10 00:08:04 Socket Buffers: R=[131072->131072] S=[131072->131072]
2017-11-10 00:08:04 Attempting to establish TCP connection with [AF_INET]
127.0.0.1:989 [nonblock]
2017-11-10 00:08:04 MANAGEMENT: >STATE:1510254484,TCP_CONNECT,,,,,,
2017-11-10 00:08:04 TCP connection established with [AF_INET]127.0.0.1:989
2017-11-10 00:08:04 TCP_CLIENT link local: (not bound)
2017-11-10 00:08:04 TCP_CLIENT link remote: [AF_INET]127.0.0.1:989
2017-11-10 00:08:04 MANAGEMENT: >STATE:1510254484,WAIT,,,,,,
2017-11-10 00:08:07 MANAGEMENT: >STATE:1510254487,AUTH,,,,,,
2017-11-10 00:08:07 TLS: Initial packet from [AF_INET]127.0.0.1:989,
sid=db4e0f35 f615606b
2017-11-10 00:08:07 VERIFY OK: depth=1, C=UZ, ST=UZ, L=XXX, O=XXX,
OU=VPNUnit, CN=XXX http://talk.ingichkimetals.com, name=EasyRSA,
emailAddress=XXX
2017-11-10 00:08:07 VERIFY KU OK
2017-11-10 00:08:07 Validating certificate extended key usage
2017-11-10 00:08:07 ++ Certificate has EKU (str) TLS Web Server
Authentication, expects TLS Web Server Authentication
2017-11-10 00:08:07 VERIFY EKU OK
2017-11-10 00:08:07 VERIFY OK: depth=0, C=UZ, ST=UZ, L=XXX, O=IngMet,
OU=VPNUnit, CN=server, name=EasyRSA, emailAddress=XXX
2017-11-10 00:08:08 Control Channel: TLSv1.2, cipher TLSv1/SSLv3
ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
2017-11-10 00:08:08 [server] Peer Connection Initiated with [AF_INET]
127.0.0.1:989
2017-11-10 00:08:09 MANAGEMENT: >STATE:1510254489,GET_CONFIG,,,,,,
2017-11-10 00:08:09 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2017-11-10 00:08:10 PUSH: Received control message:
'PUSH_REPLY,redirect-gateway local def1,route 10.0.26.0
255.255.255.0,dhcp-option DNS 10.0.26.1,route 10.0.26.1,topology net30,ping
10,ping-restart 120,ifconfig 10.0.26.10 10.0.26.9,peer-id 0,cipher
AES-256-GCM'
2017-11-10 00:08:10 OPTIONS IMPORT: timers and/or timeouts modified
2017-11-10 00:08:10 OPTIONS IMPORT: --ifconfig/up options modified
2017-11-10 00:08:10 OPTIONS IMPORT: route options modified
2017-11-10 00:08:10 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options
modified
2017-11-10 00:08:10 OPTIONS IMPORT: peer-id set
2017-11-10 00:08:10 OPTIONS IMPORT: adjusting link_mtu to 1626
2017-11-10 00:08:10 OPTIONS IMPORT: data channel crypto options modified
2017-11-10 00:08:10 Data Channel: using negotiated cipher 'AES-256-GCM'
2017-11-10 00:08:10 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized
with 256 bit key
2017-11-10 00:08:10 Incoming Data Channel: Cipher 'AES-256-GCM' initialized
with 256 bit key
2017-11-10 00:08:10 Opening utun (connect(AF_SYS_CONTROL)): Resource busy
(errno=16)
2017-11-10 00:08:10 Opened utun device utun1
2017-11-10 00:08:10 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
2017-11-10 00:08:10 MANAGEMENT: >STATE:1510254490,ASSIGN_IP,,10.0.26.10,,,,
2017-11-10 00:08:10 /sbin/ifconfig utun1 delete
                                        ifconfig: ioctl (SIOCDIFADDR):
Can't assign requested address
2017-11-10 00:08:10 NOTE: Tried to delete pre-existing tun/tap instance --
No Problem if failure
2017-11-10 00:08:10 /sbin/ifconfig utun1 10.0.26.10 10.0.26.9 mtu 1500
netmask 255.255.255.255 up
2017-11-10 00:08:10 /sbin/route add -net 0.0.0.0 10.0.26.9 128.0.0.0
                                        add net 0.0.0.0: gateway 10.0.26.9
2017-11-10 00:08:10 /sbin/route add -net 128.0.0.0 10.0.26.9 128.0.0.0
                                        add net 128.0.0.0: gateway 10.0.26.9
2017-11-10 00:08:10 MANAGEMENT: >STATE:1510254490,ADD_ROUTES,,,,,,
2017-11-10 00:08:10 /sbin/route add -net 10.0.26.0 10.0.26.9 255.255.255.0
                                        add net 10.0.26.0: gateway 10.0.26.9
2017-11-10 00:08:10 /sbin/route add -net 10.0.26.1 10.0.26.9 255.255.255.255
                                        add net 10.0.26.1: gateway 10.0.26.9
**********************************************
                                        Start of output from
client.up.tunnelblick.sh
                                        Retrieved from OpenVPN: name
server(s) [ 10.0.26.1 ], search domain(s) [  ] and SMB server(s) [  ] and
using default domain name [ openvpn ]
                                        Not aggregating ServerAddresses
because running on OS X 10.6 or higher
                                        Prepending 'openvpn' to search
domains '' because the search domains were not set manually (or are allowed
to be changed) and 'Prepend domain name to search domains' was selected
                                        Saved the DNS and SMB
configurations so they can be restored
                                        Changed DNS ServerAddresses setting
from '172.20.10.1' to '10.0.26.1'
                                        Changed DNS SearchDomains setting
from '' to 'openvpn'
                                        Changed DNS DomainName setting from
'' to 'openvpn'
                                        Did not change SMB NetBIOSName
setting of ''
                                        Did not change SMB Workgroup
setting of ''
                                        Did not change SMB WINSAddresses
setting of ''
                                        DNS servers '10.0.26.1' will be
used for DNS queries when the VPN is active
                                        NOTE: The DNS servers do not
include any free public DNS servers known to Tunnelblick. This may cause
DNS queries to fail or be intercepted or falsified even if they are
directed through the VPN. Specify only known public DNS servers or DNS
servers located on the VPN network to avoid such problems.
                                        Flushed the DNS cache via
dscacheutil
                                        /usr/sbin/discoveryutil not
present. Not flushing the DNS cache via discoveryutil
                                        Notified mDNSResponder that the DNS
cache was flushed
                                        Setting up to monitor system
configuration with process-network-changes
                                        End of output from
client.up.tunnelblick.sh
**********************************************
2017-11-10 00:08:13 WARNING: this configuration may cache passwords in
memory -- use the auth-nocache option to prevent this
2017-11-10 00:08:13 Initialization Sequence Completed
2017-11-10 00:08:13 MANAGEMENT:
...
STATE:1510254493,CONNECTED,SUCCESS,10.0.26.10,127.0.0.1,989,127.0.0.1,50665
2017-11-10 00:08:14 *Tunnelblick: No 'connected.sh' script to execute
2017-11-10 00:08:54 *Tunnelblick: After 30.0 seconds, gave up trying to
fetch IP address information using the ipInfo host's name after connecting.
2017-11-10 00:09:30 *Tunnelblick: After 30.0 seconds, gave up trying to
fetch IP address information using the ipInfo host's IP address after
connecting.
2017-11-10 00:10:13 [server] Inactivity timeout (--ping-restart), restarting
2017-11-10 00:10:13 SIGUSR1[soft,ping-restart] received, process restarting
2017-11-10 00:10:13 MANAGEMENT:
...
STATE:1510254613,RECONNECTING,ping-restart,,,,,
2017-11-10 00:10:14 *Tunnelblick: No 'reconnecting.sh' script to execute
2017-11-10 00:10:14 MANAGEMENT: CMD 'hold release'
2017-11-10 00:10:14 NOTE: the current --script-security setting may allow
this configuration to call user-defined scripts
2017-11-10 00:10:14 TCP/UDP: Preserving recently used remote address:
[AF_INET]127.0.0.1:989
2017-11-10 00:10:14 Socket Buffers: R=[131072->131072] S=[131072->131072]
2017-11-10 00:10:14 Attempting to establish TCP connection with [AF_INET]
127.0.0.1:989 [nonblock]
2017-11-10 00:10:14 MANAGEMENT: >STATE:1510254614,TCP_CONNECT,,,,,,
2017-11-10 00:10:15 TCP connection established with [AF_INET]127.0.0.1:989
2017-11-10 00:10:15 TCP_CLIENT link local: (not bound)
2017-11-10 00:10:15 TCP_CLIENT link remote: [AF_INET]127.0.0.1:989
2017-11-10 00:10:15 MANAGEMENT: >STATE:1510254615,WAIT,,,,,,
2017-11-10 00:10:24 Connection reset, restarting [-1]
2017-11-10 00:10:24 SIGUSR1[soft,connection-reset] received, process
restarting
2017-11-10 00:10:24 MANAGEMENT:
...
STATE:1510254624,RECONNECTING,connection-reset,,,,,
2017-11-10 00:10:24 *Tunnelblick: No 'reconnecting.sh' script to execute
2017-11-10 00:10:24 MANAGEMENT: CMD 'hold release'
2017-11-10 00:10:24 NOTE: the current --script-security setting may allow
this configuration to call user-defined scripts
2017-11-10 00:10:24 TCP/UDP: Preserving recently used remote address:
[AF_INET]127.0.0.1:989
2017-11-10 00:10:24 Socket Buffers: R=[131072->131072] S=[131072->131072]
2017-11-10 00:10:24 Attempting to establish TCP connection with [AF_INET]
127.0.0.1:989 [nonblock]
2017-11-10 00:10:24 MANAGEMENT: >STATE:1510254624,TCP_CONNECT,,,,,,
2017-11-10 00:10:25 TCP connection established with [AF_INET]127.0.0.1:989
2017-11-10 00:10:25 TCP_CLIENT link local: (not bound)
2017-11-10 00:10:25 TCP_CLIENT link remote: [AF_INET]127.0.0.1:989
2017-11-10 00:10:25 MANAGEMENT: >STATE:1510254625,WAIT,,,,,,
2017-11-10 00:10:32 *Tunnelblick: Disconnecting; notification window
disconnect button pressed
2017-11-10 00:10:33 *Tunnelblick: No 'pre-disconnect.sh' script to execute
2017-11-10 00:10:33 *Tunnelblick: Disconnecting using 'kill'
2017-11-10 00:10:33 event_wait : Interrupted system call (code=4)
2017-11-10 00:10:33 /sbin/route delete -net 10.0.26.0 10.0.26.9
255.255.255.0
                                        delete net 10.0.26.0: gateway
10.0.26.9
2017-11-10 00:10:33 /sbin/route delete -net 10.0.26.1 10.0.26.9
255.255.255.255
                                        delete net 10.0.26.1: gateway
10.0.26.9
2017-11-10 00:10:33 /sbin/route delete -net 0.0.0.0 10.0.26.9 128.0.0.0
                                        delete net 0.0.0.0: gateway
10.0.26.9
2017-11-10 00:10:33 /sbin/route delete -net 128.0.0.0 10.0.26.9 128.0.0.0
                                        delete net 128.0.0.0: gateway
10.0.26.9
2017-11-10 00:10:33 Closing TUN/TAP interface
2017-11-10 00:10:33 /Applications/Tunnelblick.app/Contents/Resources/
client.down.tunnelblick.sh -9 -d -f -m -p -r -w -ptADGNWradsgnw utun1 1500
1623 10.0.26.10 10.0.26.9 init
**********************************************
                                        Start of output from
client.down.tunnelblick.sh
                                        Cancelled monitoring of system
configuration changes
                                        Restored the DNS and SMB
configurations
                                        Flushed the DNS cache via
dscacheutil
                                        /usr/sbin/discoveryutil not
present. Not flushing the DNS cache via discoveryutil
                                        Notified mDNSResponder that the DNS
cache was flushed
                                        Resetting primary interface 'en0'
via networksetup -setairportpower en0 off/on...
                                        End of output from
client.down.tunnelblick.sh
**********************************************
2017-11-10 00:10:36 SIGTERM[hard,] received, process exiting
2017-11-10 00:10:36 MANAGEMENT: >STATE:1510254636,EXITING,SIGTERM,,,,,
2017-11-10 00:10:36 *Tunnelblick: No 'post-disconnect.sh' script to execute
2017-11-10 00:10:36 *Tunnelblick: Expected disconnection occurred.
================================================================================
"Sanitized" full configuration file
client
dev tun
proto tcp
remote 127.0.0.1 989
resolv-retry infinite
nobind
persist-key
persist-tun
verb 3
remote-cert-tls server
keepalive 10 120
tls-client
key-direction 1
<ca>
 [Security-related line(s) omitted]
</ca>
<cert>
 [Security-related line(s) omitted]
</cert>
<key>
 [Security-related line(s) omitted]
</key>
<tls-auth>
 [Security-related line(s) omitted]
</tls-auth>
================================================================================
ifconfig output:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
    options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
    inet 127.0.0.1 netmask 0xff000000
    inet6 ::1 prefixlen 128
    inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
    nd6 options=201<PERFORMNUD,DAD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    ether 60:03:08:a6:ca:5a
    inet 172.20.10.2 netmask 0xfffffff0 broadcast 172.20.10.15
    media: autoselect
    status: active
en1: flags=963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX> mtu 1500
    options=60<TSO4,TSO6>
    ether 72:00:01:d9:43:00
    media: autoselect <full-duplex>
    status: inactive
en2: flags=963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX> mtu 1500
    options=60<TSO4,TSO6>
    ether 72:00:01:d9:43:01
    media: autoselect <full-duplex>
    status: inactive
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
    ether 02:03:08:a6:ca:5a
    media: autoselect
    status: inactive
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1484
    ether c2:f1:c7:85:b6:9d
    inet6 fe80::c0f1:c7ff:fe85:b69d%awdl0 prefixlen 64 scopeid 0x8
    nd6 options=201<PERFORMNUD,DAD>
    media: autoselect
    status: active
bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=63<RXCSUM,TXCSUM,TSO4,TSO6>
    ether 72:00:01:d9:43:00
    Configuration:
        id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
        maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
        root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
        ipfilter disabled flags 0x2
    member: en1 flags=3<LEARNING,DISCOVER>
            ifmaxaddr 0 port 5 priority 0 path cost 0
    member: en2 flags=3<LEARNING,DISCOVER>
            ifmaxaddr 0 port 6 priority 0 path cost 0
    media: <unknown type>
    status: inactive
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
    inet6 fe80::6c50:d369:e570:bf02%utun0 prefixlen 64 scopeid 0xa
    nd6 options=201<PERFORMNUD,DAD>
================================================================================
Console Log:
2017-11-09 23:23:57 Tunnelblick[1595] Tunnelblick: OS X 10.12.6;
Tunnelblick 3.7.4 (build 4900)
2017-11-09 23:23:57 Tunnelblick[1595] Warning: preferences contain unknown
preference 'PMPrintingExpandedStateForPrint2'
2017-11-09 23:23:57 Tunnelblick[1595] Warning: preferences contain unknown
preference 'userAgreementVersionAgreedTo'
2017-11-10 00:08:54 Tunnelblick[1595] currentIPInfo(Name): IP address info
could not be fetched within 35.4 seconds; the error was 'Error
Domain=NSURLErrorDomain Code=-1001 "The request timed out."
UserInfo={NSUnderlyingError=0x60800024a200 {Error
Domain=kCFErrorDomainCFNetwork Code=-1001 "The request timed out."
UserInfo={NSErrorFailingURLStringKey=https://tunnelblick.net/ipinfo,
NSErrorFailingURLKey=https://tunnelblick.net/ipinfo,
_kCFStreamErrorCodeKey=-2102, _kCFStreamErrorDomainKey=4,
NSLocalizedDescription=The request timed out.}}, NSErrorFailingURLStringKey=
https://tunnelblick.net/ipinfo, NSErrorFailingURLKey=
https://tunnelblick.net/ipinfo, _kCFStreamErrorDomainKey=4,
_kCFStreamErrorCodeKey=-2102, NSLocalizedDescription=The request timed
out.}'; the response was '(null)'
2017-11-10 00:09:30 Tunnelblick[1595] currentIPInfo(Address): IP address
info could not be fetched within 35.5 seconds; the error was 'Error
Domain=NSURLErrorDomain Code=-1001 "The request timed out."
UserInfo={NSUnderlyingError=0x60000044cea0 {Error
Domain=kCFErrorDomainCFNetwork Code=-1001 "The request timed out."
UserInfo={NSErrorFailingURLStringKey=http://205.233.73.116/ipinfo,
NSErrorFailingURLKey=http://205.233.73.116/ipinfo,
_kCFStreamErrorCodeKey=-2102, _kCFStreamErrorDomainKey=4,
NSLocalizedDescription=The request timed out.}}, NSErrorFailingURLStringKey=
http://205.233.73.116/ipinfo, NSErrorFailingURLKey=
http://205.233.73.116/ipinfo, _kCFStreamErrorDomainKey=4,
_kCFStreamErrorCodeKey=-2102, NSLocalizedDescription=The request timed
out.}'; the response was '(null)'