Yes. I may have missed a trick, so tell me if you think I got it wrong.

1. Can be used to change DNS setting permanently for interfaces which exist in the configd configuration, e.g. Ethernet/Airport
2. Cannot be used to put default routing in the configd configuration.

What you need (and I haven't been able to figure out how to do this) is a way to use networksetup to tell configd about the tap interface and what DNS and routing are associated with the tap interface. Sort of like what you can do in the dynamic configuration with ifconfig and scutil which works until configd comes along and clobbers your settings.

So networksetup will do things like

networksetup --setdnsserver [ETHERNET|AIRPORT] x.x.x.x

When what you want is something like

networksetup --setdnsserver [TAP] x.x.x.x
networksetup -setdefaultroute [TAP] g.g.g.g

If you see what I mean...

On 07/02/2010 18:25, Bradley Giesbrecht wrote:
Have you looked into networksetup?

man networksetup


// Brad

On Feb 7, 2010, at 5:51 AM, Michael Hieb wrote:

Apologies if this is covered elsewhere. I've looked and found no definitive answers.

Problem:

Using the standard install of MacPorts openvpn2: OpenVPN creates a tunnel on a virtual network interface, tap0, which is configured via DHCP. Once up, a script is called to update the routing tables and set DNS. On Linux and Windows this works and is very stable because static routing configurations are employed. On Mac OS X v10.6, routing configurations are dynamic and managed by configd. Once the virtual interface comes up, the routing tables and DNS can be changed, but after a short while configd will come along and change the routing and DNS configurations and break the VPN.

This is covered in some detail in this article.
http://www.afp548.com/article.php?story=20041015131913324

Question: How to write the DNS and routing entries into preferences at the time OpenVPN comes up so that they will persist when configd updates the system?

Details:

1. Commands used by OpenVPN script to update the routing table and DNS

/usr/sbin/ipconfig set "$dev" DHCP

/usr/sbin/scutil <<EOF
d.init
get State:/Network/Service/DHCP-$dev/DNS
d.add SupplementalMatchDomains * $domain_name
set State:/Network/Service/DHCP-$dev/DNS
EOF

Feb 7 11:19:36 MacBook-Pro org.openvpn[44]: Sun Feb 7 11:19:36 2010 /sbin/route add -net 192.168.120.1 192.168.1.1 255.255.255.255
Feb 7 11:19:36 MacBook-Pro org.openvpn[44]: add net 192.168.120.1: gateway 192.168.1.1
Feb 7 11:19:36 MacBook-Pro org.openvpn[44]: Sun Feb 7 11:19:36 2010 /sbin/route delete -net 0.0.0.0 192.168.1.1 0.0.0.0
Feb 7 11:19:36 MacBook-Pro org.openvpn[44]: delete net 0.0.0.0: gateway 192.168.1.1
Feb 7 11:19:36 MacBook-Pro org.openvpn[44]: Sun Feb 7 11:19:36 2010 /sbin/route add -net 0.0.0.0 192.168.110.1 0.0.0.0
Feb 7 11:19:36 MacBook-Pro org.openvpn[44]: add net 0.0.0.0: gateway 192.168.110.1

2. Everything looks good for a few minutes

MacBook-Pro:~ user$ netstat -r
Routing tables

Internet:
Destination Gateway Flags Refs Use Netif Expire
default 192.168.110.1 UGSc 0 0 tap0
default 192.168.110.1 UGScI 41 88 tap0
127 localhost UCS 0 0 lo0
localhost localhost UH 0 0 lo0
169.254 link#5 UCS 0 0 en1
192.168.1 link#5 UC 1 0 en1
192.168.1.1 0:1e:e5:86:79:22 UHLWI 1 17 en1 1187
192.168.1.101 localhost UHS 0 0 lo0
192.168.110 link#7 UCS 2 0 tap0
192.168.110.1 0:17:3f:9b:e3:e2 UHLWI 43 8 tap0 1182
192.168.110.3 0:1c:c0:f:90:3b UHLWI 12 137213 tap0 454
192.168.110.29 localhost UHS 0 0 lo0
192.168.120.1/32 192.168.1.1 UGSc 1 0 en1

MacBook-Pro:~ user$ sudo scutil --dns
DNS configuration

resolver #1
domain : celoso.net
search domain[0] : celoso.net
nameserver[0] : 208.67.222.222
nameserver[1] : 208.67.220.220
nameserver[2] : 4.2.2.3
order : 200000

resolver #2
domain : celoso.net
nameserver[0] : 192.168.110.3
nameserver[1] : 192.168.110.3
order : 100400

3. Then something will trigger configd to update the DNS or routing tables, the only evidence of which I have been able to find is the following message in the system.log

Feb 7 11:20:34 MacBook-Pro configd[13]: network configuration changed.

4. And either the DNS or routing tables will be changed e.g.

MacBook-Pro:~ user$ sudo /usr/sbin/scutil --dns
Password:
DNS configuration

resolver #1
domain : celoso.net
search domain[0] : celoso.net
nameserver[0] : 208.67.222.222
nameserver[1] : 208.67.220.220
nameserver[2] : 4.2.2.3
order : 200000

resolver #2
domain : local
options : mdns
timeout : 2
order : 300000

MacBook-Pro:~ user$ netstat -r
Routing tables

Internet:
Destination Gateway Flags Refs Use Netif Expire
default 192.168.1.1 UGSc 0 0 en1
default 192.168.110.1 UGScI 52 81 tap0
127 localhost UCS 0 0 lo0
localhost localhost UH 0 0 lo0
169.254 link#5 UCS 0 0 en1
192.168.1 link#5 UC 1 0 en1
192.168.1.1 0:1e:e5:86:79:22 UHLWI 1 17 en1 1196
192.168.1.101 localhost UHS 0 0 lo0
192.168.110 link#7 UCS 2 0 tap0
192.168.110.1 0:17:3f:9b:e3:e2 UHLWI 54 5 tap0 1199
192.168.110.3 0:1c:c0:f:90:3b UHLWI 0 34 tap0 1161
192.168.110.29 localhost UHS 0 0 lo0
192.168.120.1/32 192.168.1.1 UGSc 1 0 en1
_______________________________________________
macports-users mailing list
[email protected] <mailto:[email protected]>
http://lists.macosforge.org/mailman/listinfo.cgi/macports-users
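
A check for the failure described in this thread, as an added example that is not part of the original messages: it reads `netstat -r` and `scutil --dns` text and reports when the unscoped default route has left the tap interface or the VPN nameserver is no longer listed. The function names are hypothetical, and the sample text is abridged from the output quoted in the thread.

```shell
# Sample text abridged from the netstat -r and scutil --dns output quoted in the thread.
ROUTES_UP='Destination Gateway Flags Refs Use Netif Expire
default 192.168.110.1 UGSc 0 0 tap0
default 192.168.110.1 UGScI 41 88 tap0
192.168.120.1/32 192.168.1.1 UGSc 1 0 en1'
ROUTES_CLOBBERED='Destination Gateway Flags Refs Use Netif Expire
default 192.168.1.1 UGSc 0 0 en1
default 192.168.110.1 UGScI 52 81 tap0
192.168.120.1/32 192.168.1.1 UGSc 1 0 en1'
DNS_UP='resolver #1
nameserver[0] : 208.67.222.222
resolver #2
domain : celoso.net
nameserver[0] : 192.168.110.3'
DNS_CLOBBERED='resolver #1
nameserver[0] : 208.67.222.222
resolver #2
domain : local
options : mdns'

# Print the interface of the unscoped default route from routing-table text on stdin.
# The Netif column is found from the header; rows with the I (interface-scoped) flag are skipped.
primary_default_if() {
    awk '
        $1 == "Destination" { for (i = 1; i <= NF; i++) if ($i == "Netif") col = i; next }
        col && $1 == "default" && $3 !~ /I/ { print $col; exit }
    '
}

# Succeed if nameserver $1 appears in `scutil --dns` text on stdin.
has_nameserver() {
    awk -v ns="$1" '$1 ~ /^nameserver\[/ && $NF == ns { found = 1 } END { exit !found }'
}

# check_vpn_state VPN_IF VPN_DNS ROUTES_TEXT DNS_TEXT: prints "ok" or what was reverted.
check_vpn_state() {
    status=""
    [ "$(printf '%s\n' "$3" | primary_default_if)" = "$1" ] || status="route-reverted"
    printf '%s\n' "$4" | has_nameserver "$2" || status="${status:+$status,}dns-reverted"
    echo "${status:-ok}"
}

check_vpn_state tap0 192.168.110.3 "$ROUTES_UP" "$DNS_UP"
check_vpn_state tap0 192.168.110.3 "$ROUTES_CLOBBERED" "$DNS_CLOBBERED"
```

On a live system the two text arguments would come from `"$(netstat -rn)"` and `"$(scutil --dns)"`, run periodically or after each "network configuration changed" message from configd.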

