Subscribe via RSS
administration c# cocoa coding EasyTAG linux Mac OS X opensolaris OpenVPN Time Machine virtualization windows xcode zfs

Mating Tunnelblick with TimeMachine, Growl and the Nameservers

Introduction

Tunnelblick using OpenVPN is imho the best solution for making VPN connections on Macs, and I have been using it for years …
It's relatively easy to set up, very extensible and OpenSource.

However there always have been some small improvements I wanted to have such as :

» TimeMachine not always starting, while I am on the road and have my bridged tunnel open to home – TimeMachine starts and backs up recent changes to my home server. This saturates the line and on most connections just isn't feasible to even backup 20 MB without having to pause other work that goes over the tunnel. So I had to manually turn it off and on all the time – very annoying.

» Growl Notifications on connection und disconnection events. I like Growl very much, it's informative, unobtrusive and very costumizable. And even though there exists a patch for Tunnelblick which integrates Growl support – it was unfortunately not included in the main branch – so I had always to repatch and recompile every new tunnelblick version I wanted to use – very annoying too …

» Setting my nameserver to the one inside my home network, so I can access all my ressources via the internal domain name (such as xyz.local) .

I looked through the available options for implementing this stuff and figured out it would be the best (read : simple) solution to use the integrated up and down script features of OpenVPN.
Most stuff was only poking through the docs, but one thing was a hard nut, if I changed the TimeMachine preferences, the MenuIcon would not reflect that, because it hasn't been notified … Funnily even if you change it in the TimeMachine PrefPane it doesn't update correctly for me (10.6.5).

Quick Setup Instructions


Prerequisites : Tunnelblick (obviously). This script packages makes use of brand new features of Tunnelblick, which at the time of writing this are only available in svn > r1235 , this means you'll have to compile tunnelblick yourself from svn – the next beta release of Tunnelblick should included this feature and is scheduled at approx. Jan – Feb 2011. If you want Growl notifications to work you need to have "growlnotify" installed which you can find in the Growl distribution disk image (Extras -> growlnotify).

1. Download the tb_up_down.zip archive and extract it to a folder of your choice. In this folder you should find 2 subfolders : "TMMenuIconReloader" (Source code of the TimeMachine MenuIcon Reloader) and "tb_up_down_scripts". Get into "tb_up_down_scripts" and there you'll find 2 files (TMMenuIconReloader, YourConnectionName.tblk )

2. Copy the file "TMMenuIconReloader" to /Users/YOUR_USERNAME/Library/openvpn/ .
TMMenuIconReloader is program I wrote, which reloads the TimeMachine MenuIcon after configuration changes. The said file is a universal binary, so you don't have to compile it yourself – but the source code is included too. If you want to know more about "TMMenuIconReloader" jump here – else continue with the instructions.

3. Right click on the "file" "YourConnectionName.tblk" and click on "Show packages Contents", a new window should pop up – navigate down the folders Contents -> Resources.

4. Copy your hopefully already working Tunnelblick configuration file for the appropriate connection e.g. "example.conf" or "example.ovpn" from "/Users/YOUR_USERNAME/Library/openvpn/" into the Resource folder of "YourConnectionName.tblk" (you can simply drag and drop the file in the Finder).

5. Rename the configuration file to config.ovpn !!! (Check it ends on .ovpn). Then you can close that Finder window.

6. Rename the file "YourConnectionName.tblk" to the Name you desire your connection to have.

7. Double-click the file, and Tunnelblick will ask you to install this configuration, I recommend installing it for "this User" only.

8. Done – you should have Growl Notifications and TimeMachine awareness with Tunnelblick.

If you want the scripts not to perform some of the features, just edit the the *connect*.sh  files in the Resources folder of the .tblk Bundle and comment out any unwanted actions with an "#" in front of the line. By default setting nameservers is disabled, you can obviously enable it by uncommenting the feature.


 

Changelog

1.2 [15.12.2010]
» renamed and added new scripts to conform to new tunnelblick .tblk package script capatibilites introduced in Tunnelblick r1227 and r1231
» updated to new (notification based) reloader and made it hopefully 10.4 compatible

 

1.1 [08.12.2010]
» Moved from OpenVPN up/down scripts to Tunnelblick .tblk packages and pre-connect / post-disconnect actions
» Enhanced security by using Tunnelblicks automatic script protection inside the .tblk Bundle
» Enhanced security by executing TMMenuIconReloader as user with non-root privilidges

 

1.0 [04.12.2010]
Initial Release

 


TMMenuIconReloader

TMMenuIconReloader is a small command line utility, which does nothing more, than send an Notification to the MenuIcon to reload the TimeMachine configuration – it works quite well for me – but was really hard to figure out 😉
Previous version of this utility un/reloaded the TMMenuExtra, but the new approach is much better.

Anyhow this small utility is free to use at your own risk (see LICENSE.TXT in the Distribution) …  you will find the source code and a precompiled  binary inside the script package.

Let me know how you think about it in the comments or drop me an email.

One Response to “Mating Tunnelblick with TimeMachine, Growl and the Nameservers”



Your comment :
Name *

Email*
(will not be published)

Website