timac / vpnstatus Goto Github PK
View Code? Open in Web Editor NEWVPNStatus, a replacement for macOS builtin VPN Status
Home Page: https://blog.timac.org/2018/0719-vpnstatus/
License: MIT License
VPNStatus, a replacement for macOS builtin VPN Status
Home Page: https://blog.timac.org/2018/0719-vpnstatus/
License: MIT License
Hi, this utility functions great as-is, but would it be possible to auto-connect only when outside of a given list of SSIDs? I.e.: The utility would accept a comma separated list of SSIDS and only auto-connect when not connected to that list.
I've found a few ways to do this on iOS through a vpn mobileconfig, but such a profile doesn't seem to work on the Mac.
Thanks!
Hello,
I tried to open your XCode project using my XCode, however it breaks the XCode down, I try to open using the Xcode project file and it fails, my Xcode Version 8.3.3 (8E3004b). It issues a message:
Failed to load project at '/Users/myuser/VPNApp_src/VPN.xcodeproj', incompatible project version.
Hullo,
Thanks for sharing VPNStatus.
I've been trying to locate where the app keeps the menu bar icons stored. I wanted to change them to something a bit more in keeping with the black and white menu bar theme, but as there aren't any image files in the typical places I haven't been able to.
Perhaps someone could point me in the right direction?
Thanks again,
I am using VPNStatus version 1.4 with following config:
defaults read org.timac.VPNStatus
{
---snip---
IgnoredSSIDs = "FRITZ!Box 7580 XX";
---snip---
}
Everything worked beautyfully until I upgraded to macOS Sonoma. After that, the wifi isn't ignored anymore and VPNStatus always tries to connect to the VPN even when connected to the FRITZ!Box 7580 XX wifi.
Great tool! โค๏ธ
Homebrew support would be a great addition to it
Hi! I'm looking for ability of updating routes when my VPN connects or disconnects. Unfortunately, the /etc/ppp/ip-up and networksetup -setadditionalroutes are not working for IKEv2 VPN, only L2TP ones. Is there a way to run some script with VPNStatus? Thanks!
the VPNutil gives us the option to ignore SSID's but it would be nice if it could also ignore specific network ranges or ideally if it detects an internal resource (ping or https connection)
I've followed the instructions on the README, and set up the settings as such:
But it doesn't seem to be reading those values, as the auto connect still takes 120 seconds, and it still reconnects to VPN on those SSIDs.
I'm running a 2021 M1 MacBook Pro 16-inch. Is there perhaps some permission issue that's not allowing it to read those settings?
Hi,
I made a huge mistake and upgraded to 14.4 too soon. One of the issues I have after the upgrade is that VPNStatus doesn't autostart.
Would be super to have the extended status of a connection as well, such as the scuttle provides.
Thank you for the great work.
I have a MS Azure VPN which keeps dropping. I've tried this app and it seems it works occasionally.
I am not sure why sometimes the app reconnects the VPN almost immediately but sometimes it takes it minutes to do so.
Thank you for these beautiful tool!
I tried the suggested option defaults write org.timac.VPNStatus IgnoredVPNs "Little Snitch,HiddenVPN,AnotherHiddenVPN"
, but I guess it works only for the VPNStatus app, while I'm solely using the cli one.
So the question is there a way to hide some of the VPNs from the list?
Hi! Thank you for building this tool and posting a blog entry about it.
I'm trying to reduce the time it takes for the VPN to automatically connect, because I don't find polling ideal (it leaks the IP too often). The best solution for this to be the "connect on demand" switch that IKEv2 VPNs support natively on macOS.
Do you happen to know if the internal Network Extension libraries you're using could help in setting that switch programmatically? Maybe by passing some reference of the VPN service to the System Configuration Framework? I know it's unlikely, but I couldn't resist asking, maybe you have an idea (I fought with System Configuration before, it's not fun).
Or maybe one could listen to changes in network conditions instead of polling with a timer?
I'm even considering using NETunnelProviderManager
to (re)create my IKEv2 configurations from within an app, just to be able to set the "connect on demand" flag somehow. But I haven't tried that yet, maybe that could work.
PS: I didn't know it would be so hard to convert the NEConfiguration
calls to Swift. So I'd rather not try. Or could a swift package for ANPNEServicesManager
contain Objective-C bridges? ๐
PPS: I found SwiftUI to be extremely satisfying for menu bar items and avoiding IBOutlets. What is your macOS target? Do you intend to be much backwards compatible?
Thank you for your time and insight.
I have IKEv2 VPN , AND wireguard (also visible in VPNStatus ).
And sometimes i want to use corporate DNS, but system override this behavior.
p.s Sorry if off-top
Debug version of VPNStatus.app crashes on [ACNEService setupEventCallback]_block_invoke when running on my M1 Apple Silicon. (XCode 13.2.1, MacOS 12.2.1)
M1 release version, and Intel/Rosetta versions work fine, though.
ACDefines.h, line 49
typedef void (^ne_session_set_event_handler_block)(xpc_object_t result);
Perhaps it should be
typedef void (^ne_session_set_event_handler_block)(ne_session_event_t event, void *event_data);
PR: #1 added the great features to fetch all VPNs as well as the status of specified one, better to release the new version to apply those changes. The original version from blog is out dated.
Hey @Timac I am curious if you've considered writing a similar VPN app in Swift?
Ability to list all VPNs and their status: Minimum: Name of VPN (as needed for start
and stop
command, as well as status of VPN (I imagine the possibilities would be: connected, disconnected, connecting, ...).
Make this feature accessible via a 3rd command parameter (instead of start/stop): Something like list
.
Output format: I don't really mind. The possibilities I see:
This would really be useful.
Especially as the MacOS built-in tools don't seem to be able :/
Please let me know what would be needed in terms of financial sponsoring for this item. Thanks a lot in advance!
What is needed to compile on Catalina? I get Network.h - file not found.
It will be great to see your tools in brew!!!
Hi,
thanks for your program, before I used a self-written skript to auto-reconnect via IPSec but this here became really essential when switched to IKeV2!
When the Mac is suspended (I have an old 2008 one running Catalina via the patcher, so no hibernation) it looses the connection to VPN, which is normal and fine.
Thing is when waking it up again, the time VPNStatus needs to autoconnect is set for that long (didnt measure it exactly) I end up connecting manually all the time which is not a major drawback but would be a nice feature beeing able to set this delay however its needed. E.g. I would check every 10sec or so as I guess its just checking the IKeV2 interface locally and not checking if its possible to reach the VPN, so it would only use a bit more memory and power, right?!).
Thanks in advance!
IPSec VPN with Split Tunnel setup with a profile. Latest Ventura version as well as the latest VPNStstus version. After closing the lid on my MacBook Pro M1 for some individual time, after re-login, the green icon of VPNStatus can bee seen as well as the connection time of the VPN menubar still is counting up.
A ping to a device within the VPN IP range doesn't receive response. Only after manually reconnect the VPN connection either with your app or the VPN Menubar does truly do a reconnection.
Is this more a VPNStatus problem, a macOS VPN system problem or a sole VPN problem of the VPN provider (company I work for)? I'll try to use domzilla/Caffeine to see if this makes any difference.
Regards
Thomas
There are some VPN configurations that you might not want to see in VPNStatus:
/Library/Preferences/com.apple.networkextension.plist
which is SIP protected. Trying to manually remove the entry in the plist resulted in more issues.At the moment, VPNStatus contains a hardcoded blocklist with Little Snitch
. Exposing this blocklist as a preference would let a user hide the ghost VPN configurations as well as other third-party content filter configurations like Little Snitch.
Example of modifying the preference from the command line:
defaults write org.timac.VPNStatus IgnoredVPNs "Little Snitch,HiddenVPN,AnotherHiddenVPN"
I want to change this source code in order to use information saved in a text file to connect to an IKEv2 VPN. However, i don't know if this library allows to set the IKEv2 password without using a KeyChain reference. I want to read the password directly from the config file as string and set it to the ACNEService object.
Can you give me any insights about it?
At the moment, you can only change the preferences from the command line.
A preferences window should be added.
in Apple / System Preferences / Network pref.pane I have 2 locations and within each there's the same VPN connection - this is fine. But in VPNStatus I see many possible VPN connections, these seams to be previous settings I used for testing that are already deleted days ago and should not exits anymore. I have an impression that the Network pref.pane and the VPNStatatus are not pooling network setting infos from the same place.
Hi,
Is there a way to shut off all VPNs with a single command using vpnutil?
Thanks
It would be nice to have machine-readable output for vpnutil
. JSON looks like obvious choice these days.
I am using VPNStatus version 1.4 with following config:
% defaults read org.timac.VPNStatus
{
AlwaysConnectedRetryDelay = 30;
IgnoredSSIDs = "MyWifi";
IgnoredVPNs = "Work,Little Snitch,Tailscale Tunnel";
Services = (
{
AlwaysConnected = 1;
Identifier = "468EFCE5-A03A-46DB-9700-4E05D92F342C";
}
);
}
The test procedure:
Running Ventura 13.4 and IKEv2.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.