Archives / Search ›

Alternate OpenVPN OS X DNS updating script

Arjan van der Velde made several valiant attempts to post a shell script that did most of what my Python script did, but there seem to be some issues with the HTML parser in the comments truncating whatever he tried to post.

I’ve posted Arjan’s script; you may prefer it to mine because it doesn’t have the PyObjC/SystemConfiguration wrapper dependencies, though it doesn’t support multiple VPN domains/nameservers. It uses scutil to apply the same changes as my script, unlike the first shell script linked in the comments.

Here are a few minor tweaks I’ve made to my OpenVPN client setup.

First, I start OpenVPN with a zsh function and completion:

vpn () {
        title "OpenVPN" "${1:r}"
        sudo openvpn --config ~/.openvpn/$1
compctl -W ~/.openvpn -g '*.conf' vpn

which lets me type vpn <tab> to see a list of the (currently four) networks I can connect to, and the window title will change to OpenVPN:calamity or similar, courtesy of the title function:

title () {
        if [[ $TERM = "screen" ]]
                print -Pn "\ek$1\e\\"
                print -Pn "\e]0;$2\a"
        elif [[ -n $xterm_prompt ]]
                print -Pn "\e]0;$1:$2\a"

That’s part of another tweak I made a few months ago to get screen titles to be concise yet helpful… I’ll write about that another time.

Second, I added a line under if going_up at the end of to minimize the window once it’s connected:

if going_up:
	print '\x1b[2t'

That way there’s a very visual cue indicating the VPN connection is established, and I can mouse over the minimized Terminal windows in my Dock to see what VPNs I’m connected to. Not exactly the world’s best UI, but it works.

3 comments on “Alternate OpenVPN OS X DNS updating script”

  1. 15 September 2006 | 2:06 AM

    [...] Um per Tunnelblick/OpenVPN auch

  2. Timothy Smith
    8 July 2007 | 5:25 AM

    Another alternative:

    It does basically everything the original Python script does, but doesn’t require any additional configuration. I chose to not comment out the existing nameserver lines in resolv.conf, which required a few changes to that section of the script.

    Maybe it’s useful for someone who wants multiple domain support. May have some bugs, but it’s working for me currently (OS X 10.4.10).

  3. 22 October 2008 | 8:46 AM

    Note that this script works fine with Ubuntu Linux on OpenVPN. I start OpenVPN directly from the command-line and the /etc/resolv.conf file gets updated as expected when I add these two lines to my ~/.openvpn/client.conf file:

    client.conf:up “~/.openvpn/ up”
    client.conf:down “~/.openvpn/ down”

    I setup Bash aliases to bring up and down my VPN connection. I find it handy to write out the pid and to daemonize. I’d have to think of something a little more clever to support multiple connections at once, but it shouldn’t be too hard. Here are the aliases:

    alias vpnup=’sudo /usr/sbin/openvpn –config ~/.openvpn/client.conf –writepid ~/.openvpn/ –daemon’
    alias vpndown=’sudo kill -INT `cat ~/.openvpn/`’


Leave a reply