Superbil / tunnelblick

Automatically exported from code.google.com/p/tunnelblick
1 stars 0 forks source link

OpenVPN can't restart after Inactivity timeout #159

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. OpenVPN is always connected 24/24 on the vpn server
2. Sometimes (may be few times a week or month), the server does not answer (or 
my internet access does not access to the server) and the connection timeout.
3. OpenVPN detect the loss of connection due to timeout, and try to restart the 
connection but crash.
4. Click manually on "Connect" restart the connection correctly.

What is the expected output?
OpenVPN restart the connection and connection come back.

What do you see instead?
The client.down.tunnelblick.sh script crash at the restart so the connection 
never come back.

What version of Tunnelblick are you using? On what version of OS X?
3.1beta12 (build 1998), on Snow Leopard 10.6.4.

Please provide any additional information below. Please include your
configuration file and the contents of the OpenVPN Log window (including
the first few lines with version information), but remember to remove any
sensitive information such as IP addresses.

Here are the logs where it fails:

2010-09-01 02:57:37 [vpn] Inactivity timeout (--ping-restart), restarting
2010-09-01 02:57:37 TCP/UDP: Closing socket
2010-09-01 02:57:37 
/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -m 
-w -d tun0 1500 1560 10.XX.XX.XX 10.XX.XX.XX restart
                                        /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh: line 25: : No such file or directory
2010-09-01 02:57:37 MANAGEMENT: Client disconnected
2010-09-01 02:57:37 script failed: external program exited with error status: 1
2010-09-01 02:57:37 Exiting

Here is my configuration file:

client
dev tun

remote XXXXXXXXXXXXX 443 tcp

ns-cert-type server
resolv-retry 30
nobind
pull

persist-key
persist-tun
keepalive 10 60

ca vpn-ca.crt
tls-auth vpn-ta.key 1

cert mac.crt
key mac.key

cipher AES-256-CBC

comp-lzo

verb 3

Original issue reported on code.google.com by spij...@gmail.com on 1 Sep 2010 at 6:19

GoogleCodeExporter commented 9 years ago
Thanks for your report. This looks like a straightforward bug in Tunnelblick's 
standard "down" script. Try replacing the existing

/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh

with the attached version.

Please respond here if this solves the problem, and I will incorporate this 
change into the source code so it will be in the next release.

Notes:

(1) To open a Finder window containing Tunnelblick.app, right-click (or 
control-click) on

/Applications/Tunnelblick.app

and click on "Show Package Contents".

(2) You will have to "Authenticate", using a computer administrator's username 
and password, to replace client.down.tunnelblick.sh if Tunnelblick has been run 
because the first time Tunnelblick was run it changed the ownership and 
permissions of that file.

(3) The first time you run Tunnelblick after replacing 
client.down.tunnelblick.sh, you will be asked for a computer administrator's 
username and password, so Tunnelblick can change the ownership and permissions 
of the new version of the file.

Original comment by jkbull...@gmail.com on 1 Sep 2010 at 11:00

Attachments:

GoogleCodeExporter commented 9 years ago
I think it solves the problem, at least when I simulate a down of the vpn 
server and then restart it, the .sh script does not crash and the connection 
come back correctly.

I will tell you if I have an other case where it could crash if it does it 
again.

Thanks

Original comment by spij...@gmail.com on 1 Sep 2010 at 11:18

GoogleCodeExporter commented 9 years ago
Thanks for the update.

If I don't hear anything else I'll commit the changes to the source code early 
next week.

Original comment by jkbull...@gmail.com on 2 Sep 2010 at 12:50

GoogleCodeExporter commented 9 years ago
Fixed by r1011

Original comment by jkbull...@gmail.com on 8 Sep 2010 at 9:27