Last active
October 6, 2015 18:23
-
-
Save breiter/0446b52495f2a9805436 to your computer and use it in GitHub Desktop.
vpnc launchd and start/stop control scripts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd";> | |
| <plist version="1.0"> | |
| <dict> | |
| <key>Disabled</key> | |
| <true/> | |
| <key>Label</key> | |
| <string>org.macports.vpnc</string> | |
| <key>ProgramArguments</key> | |
| <array> | |
| <string>/opt/local/sbin/vpnc</string> | |
| <string>--debug</string> | |
| <string>2</string> | |
| <string>--no-detach</string> | |
| <string>/opt/local/etc/vpnc/default.conf</string> | |
| </array> | |
| <key>StandardErrorPath</key> | |
| <string>/opt/local/var/log/vpnc/vpnc.log</string> | |
| <key>StandardOutPath</key> | |
| <string>/opt/local/var/log/vpnc/vpnc.log</string> | |
| <key>RunAtLoad</key> | |
| <true/> | |
| <key>KeepAlive</key> | |
| <!-- NetworkState key is no longer implemented in OS X 10.10 Yosemite. | |
| <dict> | |
| <key>NetworkState</key> | |
| <true/> | |
| </dict> --> | |
| <true/> | |
| </dict> | |
| </plist> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| if [ "$(id -u)" -ne 0 ]; then | |
| SELF=`echo $0 | sed -ne 's|^.*/||p'` | |
| echo "$SELF must be run as root." 1>&2 | |
| echo "try: sudo $SELF" 1>&2 | |
| exit 1 | |
| fi | |
| PLIST=/Library/LaunchDaemons/org.macports.vpnc.plist | |
| CONF=`grep \.conf $PLIST | sed 's/<[^>]*>//g' | tr -d " \t"` | |
| GATEWAY=`grep gateway $CONF` | |
| ERROR=$( { /bin/launchctl load -w $PLIST; } 2>&1 ) | |
| if [ -z "$ERROR" ]; then | |
| echo "starting vpnc daemon connection to $GATEWAY." | |
| else | |
| echo $ERROR | |
| fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| if [ "$(id -u)" -ne 0 ]; then | |
| SELF=`echo $0 | sed -ne 's|^.*/||p'` | |
| echo "$SELF must be run as root." 1>&2 | |
| echo "try: sudo $SELF" 1>&2 | |
| exit 1 | |
| fi | |
| PLIST=/Library/LaunchDaemons/org.macports.vpnc.plist | |
| CONF=`grep \.conf $PLIST | sed 's/<[^>]*>//g' | tr -d " \t"` | |
| GATEWAY=`grep gateway $CONF` | |
| ERROR=$( { /bin/launchctl unload -w $PLIST; } 2>&1 ) | |
| if [ -z "$ERROR" ]; then | |
| echo "stopping vpnc daemon connection to $GATEWAY." | |
| else | |
| echo $ERROR | |
| fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # logfilename [owner:group] mode count size when flags [/pid_file] [sig_num] | |
| /opt/local/var/vpnc/*.log 644 3 1000 * J |
Alternative. Replace tun.kext and tap.kext built by MacPorts with signed versions.
curl -O http://download.wolfereiter.com/tuntaposx.extensions.tgz
tar xzvf tuntaposx.extensions.tgz -C /opt/local(These came from Tunnelblick v3.4.1.)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Yosemite disables loading of unsigned kernel extensions by default which makes tuntaposx build by MacPorts fail to load and vpnc fail to work. Enabling kext developer mode solves the problem at the expense of a less secure posture than the default.
sudo nvram boot-args="kext-dev-mode=1"Reversible: