Skip to main content

HTC Hero USB Tether on Mac OS X

Recently I got brand new HTC Hero – great android based phone. Since my previous phone (Nokia N73) has been working with Mac without any problem I was very disappointed to figure out that I have to deal with Windows for syncing my phone with computer and firmware upgrades.
After I upgraded it to latest official 2.73.405.4 ROM, I used Google Contacts/Calendar apps to sync my previous Nokia 73 stuff with Google and Hero, so having laptop<-->mobile connection to Internet (tethering) really sounded like something possible to achieve. A friend of mine with HTC Magic told me about way to connect to Internet with Wifi Tether application, which works on root-ed devices only. So after I passed trough complete rooting procedure explained here and here, I gained root access but still wasn’t able to make Wifi Tether work with Mac. Hero was visible as another AP, and even thought Mac was actually able to connect to it, I never got “outside” access to the Internet and eventually gave up. I found some threads that modaco custom ROM might be solution but figured that for newbie in android world like me, chances to brick brand new device while doing unsupported ROM upgrade are not so low so eventually I gave up.

Unlike for wifi tethering, USB tether for Hero and Windows comes “Out of the Box” (all you have to do is to turn on mobile sharing) but unfortunately it doesn’t work with a Mac. When you connect Hero to Mac, instead of new network device Mac see it as modem, but if you try to dial (like with *99#) you obviously get an error.
After I spent several hours reading endless discussions on various forums, today I finally managed to connect my MacBook Pro on the Internet with my HTC Hero mobile Internet (EDGE/GPRS/3G/HSDPA) connection.

Before I delve into instructions, please bear in mind that although this tutorial is based on HTC Hero and Mac running on latest (10.6.1) Snow Leopard, as far as I can tell it should be working with any other Android device or older version of Mac. I assume that you have MacPorts installed and that you are able to connect to Internet with your Mobile Phone.

Prepare your phone
————————–
You are going to install azilink on your phone. Since all tether applications are removed from Android Market, you have to download it directly from site. But before you do that, you have to make sure that installing applications from unknown sources is allowed. So Press Home, then Menu->Settings->Applications and make sure that “Unknown Sources” is checked. Also in Development menu make sure that “USB Debugging” is checked.

Now on your phone open browser and go to http://azilink.googlecode.com/files/azilink-2.0.2.apk , download file and follow install instructions. Once azilink application is installed start it and make sure that “Service Active” option is checked.

Prepare your Mac
————————–
Step1: TuneTap App
Download and install tuntap for Mac OS X (http://tuntaposx.sourceforge.net/) on the Mac and restart your mac.

Step2: Android SDK
Download Android SDK (http://developer.android.com/sdk/index.html) for Mac and unpack it somewhere on your machine. I used my $HOME dir (/Users/dinke) so I unpacked whole folder and named it android-sdk so full path is /Users/dinke/android-sdk. Since you are going to call tools from that folder, we have to put it into our $PATH variable by editing $HOME/.bash_profile file. I assume that you don’t have UNIX experience so this is step by step guide :

1) Open Terminal Applications
2) Type:

cd

and hit enter
3) You are now in your home dir (ie. /Users/dinke). Now you are going to edit .bash_profile file with pico editor :
Type:

pico .bash_profile

4) Add this line to last line of file:
export PATH=/Users/dinke/android-sdk/tools:$PATH
(replace /Users/dinke/android-sdk/tools with actuall path on your system)
5) Hit ctrl-x then answer Y and hit enter

Now you should be ready to call android tools (like we are going to do later) without specifying full system path.

Step3: OpenVPN2 App

Download and install openVPN2 . We will use MacPort’s port command for doing that. So again open terminal application and type:

sudo port install openvpn2

Now application will be automatically downloaded and compiled. This will take a while, and if this end without any error message you are good to go further ๐Ÿ™‚

Step 4: azilink.ovpn file

1) Download http://azilink.googlecode.com/files/azilink.ovpn file
2) Create folder openvpn in $HOME/library folder (so you have new folder in for example /Users/dinke/Library/openvpn
3) Edit file azilink.ovpn and comment out line 8 with TCP_NODELAY (so it may looks like this):

dev tun

remote 127.0.0.1 41927 tcp-client
proto tcp-client
ifconfig 192.168.56.2 192.168.56.1
route 0.0.0.0 128.0.0.0
route 128.0.0.0 128.0.0.0
#socket-flags TCP_NODELAY
#keepalive 10 30
ping 10
dhcp-option DNS 192.168.56.1

4) Save file in new created in new created openvpn folder

Step 5: Modem script

1) Download script from http://pastie.org/405289 (there is download link on top right) and save it somewhere on your system. I assume you saved it under our home dir as modem.sh (/Users/dinke/modem.sh)
2) Give that script executable privileges. So open terminal application and type this:
chmod 777 /Users/dinke/modem.sh
(change path and script name according to your system)

Now we are almost done and we are ready to test actual connection. So connect your phone with Mac with USB cable, open terminal app and type this:

adb devices

You should get something like this:

dragan-dinics-macbook-pro:tools dinke$ adb devices
* daemon not running. starting it now *
* daemon started successfully *
List of devices attached
HT9FSL901734    device
dragan-dinics-macbook-pro:tools dinke$ 

If you get error (like command not found) check path setting for android sdk tools. If your device is not listed check that it is connected properly. If everything looks ok (you get device id listed) then we can connect our phone to Internet and run actual connection script. Make sure that your phone is connected to Mobile Internet (go to Menu->Settings->Wireless Controll and check Mobile Network checkbox), and then assuming that you’ve saved modem script under /Users/dinke/modem.sh you can run it by typing absolute path in terminal:

/Users/dinke/modem.sh

and you should get output like this:

dragan-dinics-macbook-pro:~ dinke$ /Users/dinke/modem.sh
Tue Nov 10 03:33:53 2009 OpenVPN 2.0.9 i686-apple-darwin10.0.0 [SSL] [LZO] built on Nov  9 2009
Tue Nov 10 03:33:53 2009 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Tue Nov 10 03:33:53 2009 ******* WARNING *******: all encryption and authentication features disabled -- all data will be tunnelled as cleartext
Tue Nov 10 03:33:53 2009 gw 0.0.0.0
Tue Nov 10 03:33:53 2009 TUN/TAP device /dev/tun0 opened
Tue Nov 10 03:33:53 2009 /sbin/ifconfig tun0 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
Tue Nov 10 03:33:53 2009 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
Tue Nov 10 03:33:53 2009 /sbin/ifconfig tun0 192.168.56.2 192.168.56.1 mtu 1500 netmask 255.255.255.255 up
Tue Nov 10 03:33:53 2009 ./modem.sh up tun0 1500 1502 192.168.56.2 192.168.56.1 init
add net 0.0.0.0: gateway 192.168.56.1
add net 128.0.0.0: gateway 192.168.56.1
Tue Nov 10 03:33:53 2009 Attempting to establish TCP connection with 127.0.0.1:41927
Tue Nov 10 03:33:53 2009 TCP connection established with 127.0.0.1:41927
Tue Nov 10 03:33:53 2009 TCPv4_CLIENT link local: [undef]
Tue Nov 10 03:33:53 2009 TCPv4_CLIENT link remote: 127.0.0.1:41927
Tue Nov 10 03:34:03 2009 Peer Connection Initiated with 127.0.0.1:41927
Tue Nov 10 03:34:03 2009 Initialization Sequence Completed

If you get some errors make sure that you’ve passed correctly trough all needed steps. If no errors found, it is good time to test your new internet connection. You can do so by trying to ping some site or simple opening browser and visiting some Web Site. It should be working just fine!

My HSDPA connection with USB Tethering
Speedtest of my HSDPA connection with Telenor Serbia

Usefull Links:

http://androidsmartphone.de/apps/g1-als-usb-modem-ohne-root-auf-dem-mac/

http://thinkden.com/index.php/general/admin/75

112 thoughts to “HTC Hero USB Tether on Mac OS X”

  1. Hey thanks for this wonderful post. I have been considering the HTC Hero but have been significantly concerned about compatibility with a Mac – especially since I was recently shocked to find that even an iPhone doesn’t sync that well with a Mac – To-Do lists do not sync, Sync over bluetooth not possible, Internet Tethering is a bit of a pain, etc. I was using a Sony Ericsson P1i earlier and while I was able to sync nicely over BT, the field mapping was a bit off.

    So I want to find out overall – how is the HTC Hero esp regarding syncing contacts, calendar, Notes and To-Do lists with a mac? Can this be done over Bluetooth?
    The internet tethering sounds really complicated.

    Thanks in advance for your advice.

  2. Hey Vikas,

    HTC Hero as any other android phone can be synced with google services, and that support is built in and works out of the box. You can sync contacts with Google Contatcs, mails with google mail and Calendar with Google Calendar that should be it with apps that comes with phone.

    Unless you root device Bluetooth cannot be used for anything else except for connecting with handsfree devices, so as you can see “out of box” connectivity really lacks on it. For example with my previous phone (Nokia N73) I was able to do everything, bluetooth transfer, tethering, syncing contacts with iSync … anything. On hero and other android phones, you have to root device and install proper application so you can do bluetooth transfer.

    Hopefully this helps ๐Ÿ™‚

  3. Hey, thanks for the wonderful walkthrough! I had to do some extra Googling though, because “sudo port install openvpn2” didn’t work (dependency errors) until I found out that we needed to install Xcode. Important to note!

    Other than that, I couldn’t find an easier guide for this (or rather, there were none. XD) Thanks a lot!

  4. Yeah, Xcode tools are needed for Macports, I thought you can’t even install MacPorts without it ๐Ÿ™‚

    So yes MacPort and XCode are needed for doing all macports stuff (like sudo port install …).

    Thankf for your comment ๐Ÿ™‚

  5. Hey,

    This tutorial is a lifesaver but… Any idea why I get this error message:

    sudo: openvpn2: command not found

    It comes after a exec the modem.sh script… There was no problems installing openvpn.

    Any help really appriciated

  6. xcode application is available as optional install on Leopard Install DVD. As I said in my post you need it in order to be able to deal with MacPorts application (so you can install unix tools easily).

  7. thanks for this awesome guide! 1 question: is it possible to create an application from the modem.sh? So I can just doubleclick it instead of running it in Terminal? I’m new to OSX and searched a bit but the suggested things were all beyond my knowledge

  8. Hei, I loved that it was a tutorial on this, I really want to get this working. BUT, talking about working, it seems it wont work with me. I cant get the ADB commands to work. If i
    cd ~/users/frik/android-sdk-mac/tools //then
    ./adb devices

    it works else it wont. And since I had to go that way the Modem script doesn’t work either. I have doble, tripple checked the PATH, tried 6 methods of editing the bash profil, non of it gave any different results.

    I am running on the snow leopard, maybe thats an issue?

    Please replay ๐Ÿ™‚

  9. @fabio
    Have no idea how neither, I think there is a way with either apple script or xcode but haven’t tried though.

    @frik
    Are you 100% sure that you’ve edited file in your username dir? /Users/frik/.bash_profile ? Also I guess that you put your username (frik) and not dinke in your path, plus you have to change android sdk name since it is different on your comp:

    export PATH=/Users/frik/android-sdk-mac/tools:$PATH

    Also don’t forget that you have to close and reopen terminal window befoure you can test your changes. If you are not 100% that it worked for you try:

    echo $PATH

    from terminal and it should give you correct path (along with android-sdk path in it). If it doesn’t work for you with .bash_profile than you can always run export cmd directly in terminal before running modem.sh script.

  10. One question, do I have to Write the “/Users/frik/modem.sh” in Terminal every time i want to go on net via the Hero? Or is it any way much easier with a executable script on my desktop.?

  11. It’s enough to run it like ./modem.sh in terminal since by default terminal open in home dir (/Users/frik). I came to mac from Linux world so terminal is 2nd nature to me, but if I come with way to make modem.sh run from gui I will let you know ๐Ÿ™‚ Probably with apple script or xcode tools (look at my answer to fabio).

  12. I have iphone 8GB first gineration. I have been trying to tether it to my MacBook so I can use my laptop when Im on vacation. Friend told he about the HTC Hero and said it would be a good way to to this. I use AT&T so my question is this would it be wise to buy the Hero and drop the iphone? I dont have lepord and im not very computer savy so is this something a Noob can do?

  13. @Rhonda Since you said that you use Macbook and don’t have Leopard I will assume that you still use old os x (Tiger or even some older). I haven’t really tried my tutorial with Tiger because I don’t know anyone still using it.

    Btw if you plan to use HTC Hero with windows, usb tether works without any hack, you just connect it and tick “share mobile connection” on it. I wish it is that easy with Mac OS X:(

  14. Dinke =) Im new to the mac world and I bought my laptop just a year ago. So much to learn. Can this still be done with my laptop or do I need to get leopard? Or should I just keep my iphone and forget my dream =(

    Thanks for all and any help you can give me.

  15. @Rhonda
    Are you really sure that you don’t have leopard already installed on your computer ๐Ÿ™‚ ? I bought my Mac in september 2008 and Leopard was already there.

    Do this: click to ๏ฃฟ and pick “About this Mac” option, and let me know exact number for your version bellow apple logo ๐Ÿ™‚

  16. Hi! First of all thanks for the great post! I tried and did everything fine except except it gives me an error “device not found” after ” modem.sh” – it seems like my mac cannot see the phone – any suggestion?
    Thanks for your help
    L

  17. you have made my day! i screamed and shouted at my macbook/hero for 2 hours but in the end it was all worth it. It working!!

    one final question. The next time i want to tether my macbook all I have to do is type the users/me/modem.sh comand in terminal en enjoy browsing the internet?

  18. @Bas
    Yes ๐Ÿ™‚ Basically after you’re done with this tutorial, next time all you have to do is to connect your phone, make sure that azilink is running and ‘active’ is ticked, mobile connection is turned on, then you run modem.sh script and in few sec your Internet connection is up and running.

  19. Dear Dragan (Dinke),

    I nearly managed to tether my Mac to my HTC Hero. Only the very last step failed. My Mac (with Snow Leopard) returns this error message: “sudo: openvpn2: command not found”.

    Any idea?

    Thank in advance for a wonderful job!

    Gerard

  20. Hey Gerard,

    Obviously you didn’t put correct path to .bash_profile when you installed macports. So you can either modify modem.sh script and put full path to openpvn2 tool:

    So instead of:
    sudo openvpn2

    Put:

    sudo /opt/local/sbin/openvpn2

    Or even better add this at the end of your ~/bash_profile file:

    export PATH=/opt/local/bin:/opt/local/sbin:/$PATH

  21. Hi Dinke/Dragan,

    I changed the path in the sudo command (your first option). This brought me a little closer to the goal. Now I get the following error message:

    “Cannot allocate TUN/TAP dev dynamically”

    I’m sure you know how to get me over this last hurdle.

    Thanks a lot,

    Gerard

  22. I’ve followed this perfectly, I believe (with almost no experience with Terminal)… but I don’t get anything when I write ‘adb devices’ – just:

    * daemon started successfully *
    List of devices attached

    kristian-ruhe-thorsens-macbook:~ Kristian$

    Where can I have done something wrong? And what could it be???

  23. Dear Dragan,

    I tried again this afternoon after a reboot of both the Hero and the Mac. And it runs!!! I get speeds of over 250KByte and aroiund 75KByte for uplod. This is enough for the (emergency) cases I need the tethering app.

    So, lots of kudos and thanks,

    Gerard

  24. Hey Gerard,

    Sorry I couldn’t reply to you earlier but all I could recommend was simple reboot and I am glad it actually worked ๐Ÿ˜‰

    @Kristian
    You either didn’t connect your usb cable or Azilink is not set to active. Can’t think of anything else.

  25. If you can’t see your device with adb devices, go to Settings > Applications > Development and activate USB Debugging. Got my 06 Macbook to connect after enabling that.

    Thanks Dinke!

  26. Just to let you guys know.. the new PDANet 2.15 version supports Mac USB Tether. It allows everything but https connections. You can get it in the market ๐Ÿ™‚

  27. Thanks Dinke!

    Got my Hero tethered to my Mac.. got it working at 450kbytes dl and 120kbytes ul.. will try to find a better base station and test again..

  28. Hi,

    Massive thanks for this tutorial… worked a treat… all in all about 90mins work but well worth it.

    Cheers!

    Stephen

  29. At last I’ve gone through your tutorial and everything worked fine. Except I didn’t restart my mac after TunTap instalation. Thanks!
    Maybe I’ll try to make some install script and icon to simplify the process.

  30. I get my device recognized but when I run the modem.sh script I’m getting this:

    Tue Jan 12 02:22:35 2010 OpenVPN 2.1.1 i386-apple-darwin10.2.0 [SSL] [LZO2] built on Jan 12 2010
    Tue Jan 12 02:22:35 2010 NOTE: OpenVPN 2.1 requires ‘–script-security 2’ or higher to call user-defined scripts or executables
    Tue Jan 12 02:22:35 2010 ******* WARNING *******: all encryption and authentication features disabled — all data will be tunnelled as cleartext
    Tue Jan 12 02:22:35 2010 ROUTE: problem writing to routing socket
    Tue Jan 12 02:22:35 2010 ROUTE: problem writing to routing socket
    Tue Jan 12 02:22:35 2010 Cannot allocate TUN/TAP dev dynamically
    Tue Jan 12 02:22:35 2010 Exiting

    Could someone please help me? Thanks

  31. Last message after updating tun/tap by installing viscosity and Tunnelblick:

    Tue Jan 12 02:35:15 2010 OpenVPN 2.1.1 i386-apple-darwin10.2.0 [SSL] [LZO2] built on Jan 12 2010
    Tue Jan 12 02:35:15 2010 NOTE: OpenVPN 2.1 requires ‘–script-security 2’ or higher to call user-defined scripts or executables
    Tue Jan 12 02:35:15 2010 ******* WARNING *******: all encryption and authentication features disabled — all data will be tunnelled as cleartext
    Tue Jan 12 02:35:15 2010 TUN/TAP device /dev/tun0 opened
    Tue Jan 12 02:35:15 2010 /sbin/ifconfig tun0 delete
    ifconfig: ioctl (SIOCDIFADDR): Can’t assign requested address
    Tue Jan 12 02:35:15 2010 NOTE: Tried to delete pre-existing tun/tap instance — No Problem if failure
    Tue Jan 12 02:35:15 2010 /sbin/ifconfig tun0 192.168.56.2 192.168.56.1 mtu 1500 netmask 255.255.255.255 up
    Tue Jan 12 02:35:15 2010 /Users/mambo/modem.sh up tun0 1500 1502 192.168.56.2 192.168.56.1 init
    Tue Jan 12 02:35:15 2010 openvpn_execve: external program may not be called unless ‘–script-security 2’ or higher is enabled. Use ‘–script-security 3 system’ for backward compatibility with 2.1_rc8 and earlier. See –help text or man page for detailed info.
    Tue Jan 12 02:35:15 2010 script failed: external program fork failed
    Tue Jan 12 02:35:15 2010 Exiting

  32. @Kristian, @dinke –
    if adb devices not returning any devices can also occur if you have “Mobile Internet Sharing” if that is active on the HTC (settings->wireless controls->mobile internet sharing).

    I am having an issue with openvpn2 not allowing external programs being called similar to @Marco.

  33. Guys, i solved two problems I had, wanted to share, now I have tethered internet.

    @Marco – “openvpn: external program may…” I solved it by going into modem.sh and just adding what it wants after the line:
    sudo openvpn2 –dev ten\
    –script-security 2 \

    maybe not the safest but it works (anyone better option?)

    The next problem I had was a scutil: command not found, so did whereis scutil and added the path to the script as well. Now it works ๐Ÿ™‚

    (this is my first posting, so if people want more information let me know)

  34. @john I’m getting this

    Options error: Unrecognized option or missing parameter(s) in [CMD-LINE]:1: ?script-security (2.1.1)

  35. @Marco (sorry was gone for a week)
    Hmmm, that is odd indeed. As for having no experience in debugging let me ask some questions:
    Is everything in your /Users/[username] folder? Did you make the script executable? (e.g. chmod 777 /Users/dinke/modem.sh)

    Can you double check that you did?

  36. I am a noobie re command line mysteries. I am trainable. I have been usb tethering to a Motorazr V3m using Parallels Desktop [XP] and the Sprint connection software on my MacbookPro running 10.4.11. I wonder how difficult it will be to tether an HTC Hero with usb through Parallels. Any concerns when I go to 10.6?
    If I can connect through Parallels will it be easier to go to the Mac OS and connect?
    Thanks for any help you can give an old [trainable] dog

  37. Hey Dinke,
    you are my only hope to tether on mac using my hero. I have done all your steps and the last step is the one that gives me error; it goes like:
    ——-
    tarekq:downloads tarekag$ /users/tarekag/downloads/android-sdk-mac_86/tools/adb devices
    * daemon not running. starting it now *
    * daemon started successfully *
    List of devices attached
    HT97HL905804 device

    tarekq:downloads tarekag$ /users/tarekag/modem.sh
    /users/tarekag/modem.sh: line 6: adb: command not found
    Password:
    Tue Feb 2 15:12:55 2010 OpenVPN 2.1.1 i386-apple-darwin10.2.0 [SSL] [LZO2] built on Feb 2 2010
    Tue Feb 2 15:12:55 2010 NOTE: OpenVPN 2.1 requires ‘–script-security 2’ or higher to call user-defined scripts or executables
    Tue Feb 2 15:12:55 2010 ******* WARNING *******: all encryption and authentication features disabled — all data will be tunnelled as cleartext
    Tue Feb 2 15:12:55 2010 TUN/TAP device /dev/tun0 opened
    Tue Feb 2 15:12:55 2010 /sbin/ifconfig tun0 delete
    ifconfig: ioctl (SIOCDIFADDR): Can’t assign requested address
    Tue Feb 2 15:12:55 2010 NOTE: Tried to delete pre-existing tun/tap instance — No Problem if failure
    Tue Feb 2 15:12:55 2010 /sbin/ifconfig tun0 192.168.56.2 192.168.56.1 mtu 1500 netmask 255.255.255.255 up
    Tue Feb 2 15:12:55 2010 /users/tarekag/modem.sh up tun0 1500 1502 192.168.56.2 192.168.56.1 init
    Tue Feb 2 15:12:55 2010 openvpn_execve: external program may not be called unless ‘–script-security 2’ or higher is enabled. Use ‘–script-security 3 system’ for backward compatibility with 2.1_rc8 and earlier. See –help text or man page for detailed info.
    Tue Feb 2 15:12:55 2010 script failed: external program fork failed
    Tue Feb 2 15:12:55 2010 Exiting
    ———

    since I don’t understand anything of that, can you tell me were the error is at.

    Thank you
    Tarek

  38. @Tarek
    modem.sh script cannot find path to adb tool. You have to do step 2 correctly or edit modem.sh and whenever adb tool is called to insert absolute path.

  39. Hey Dinke,
    thank you for your quick reply.. i actually solved the adb path issue yesterday and now that is what i get,
    ——Tareks-MacBook:~ tarekag$ /users/tarekag/modem.sh
    Wed Feb 3 09:33:24 2010 OpenVPN 2.1.1 i386-apple-darwin10.2.0 [SSL] [LZO2] built on Feb 2 2010
    Wed Feb 3 09:33:24 2010 NOTE: OpenVPN 2.1 requires ‘–script-security 2’ or higher to call user-defined scripts or executables
    Wed Feb 3 09:33:24 2010 ******* WARNING *******: all encryption and authentication features disabled — all data will be tunnelled as cleartext
    Wed Feb 3 09:33:24 2010 TUN/TAP device /dev/tun0 opened
    Wed Feb 3 09:33:24 2010 /sbin/ifconfig tun0 delete
    ifconfig: ioctl (SIOCDIFADDR): Can’t assign requested address
    Wed Feb 3 09:33:24 2010 NOTE: Tried to delete pre-existing tun/tap instance — No Problem if failure
    Wed Feb 3 09:33:24 2010 /sbin/ifconfig tun0 192.168.56.2 192.168.56.1 mtu 1500 netmask 255.255.255.255 up
    Wed Feb 3 09:33:24 2010 /users/tarekag/modem.sh up tun0 1500 1502 192.168.56.2 192.168.56.1 init
    Wed Feb 3 09:33:24 2010 openvpn_execve: external program may not be called unless ‘–script-security 2’ or higher is enabled. Use ‘–script-security 3 system’ for backward compatibility with 2.1_rc8 and earlier. See –help text or man page for detailed info.
    Wed Feb 3 09:33:24 2010 script failed: external program fork failed
    Wed Feb 3 09:33:24 2010 Exiting
    ——

    It still says openVPN2.1 requires –script-security 2 or higher. Can you help me with this, I have a feeling that you are the only one who can actually help on this issue without having to root the phone.. I have high hopes ..:)

  40. aha!

    I’m guessing openvpn2 has been updated since writing this article.

    As a result, you need to slightly edit modem.sh to get it to work.

    ——
    Wed Feb 3 09:33:24 2010 openvpn_execve: external program may not be called unless โ€˜โ€“script-security 2โ€ฒ or higher is enabled. Use โ€˜โ€“script-security 3 systemโ€™ for backward compatibility with 2.1_rc8 and earlier. See โ€“help text or man page for detailed info.
    ——-

    In modem.sh where openvpn2 is first called, you want to add…

    sudo openvpn2 –script-security 3 system \
    –dev tun \

    So for me, adding –script-security 3 system \ fixed the problem.

    Hope this helps.

  41. First I get this error.

    ————-
    macbook-van-user:~ user$ /Users/user/modem.sh
    Fri Feb 5 23:07:53 2010 OpenVPN 2.1.1 i386-apple-darwin10.2.0 [SSL] [LZO2] built on Feb 5 2010
    Fri Feb 5 23:07:53 2010 NOTE: OpenVPN 2.1 requires ‘–script-security 2’ or higher to call user-defined scripts or executables
    Fri Feb 5 23:07:53 2010 ******* WARNING *******: all encryption and authentication features disabled — all data will be tunnelled as cleartext
    Fri Feb 5 23:07:53 2010 TUN/TAP device /dev/tun0 opened
    Fri Feb 5 23:07:53 2010 /sbin/ifconfig tun0 delete
    ifconfig: ioctl (SIOCDIFADDR): Can’t assign requested address
    Fri Feb 5 23:07:53 2010 NOTE: Tried to delete pre-existing tun/tap instance — No Problem if failure
    Fri Feb 5 23:07:53 2010 /sbin/ifconfig tun0 192.168.56.2 192.168.56.1 mtu 1500 netmask 255.255.255.255 up
    Fri Feb 5 23:07:53 2010 /Users/user/modem.sh up tun0 1500 1502 192.168.56.2 192.168.56.1 init
    Fri Feb 5 23:07:53 2010 openvpn_execve: external program may not be called unless ‘–script-security 2’ or higher is enabled. Use ‘–script-security 3 system’ for backward compatibility with 2.1_rc8 and earlier. See –help text or man page for detailed info.
    Fri Feb 5 23:07:53 2010 script failed: external program fork failed
    Fri Feb 5 23:07:53 2010 Exiting
    macbook-van-user:~ user$
    ————-

    And then when I change what oller said.
    sudo openvpn2 โ€“script-security 3 system \
    โ€“dev tun \

    I get this strange message.
    ————-
    Options error: I’m trying to parse “-โ€“script-security” as an –option parameter but I don’t see a leading ‘–‘
    Use –help for more information.
    ————-

    ๐Ÿ™

  42. oiler.. you da man..:) of course after dinke, he’s like superman!.. everything worked finally. I am going to paste in how my modem.sh file looks like, coz I feel that a lot of people might have the same error I used to get when I first ran modem.sh:
    ———
    #!/bin/bash
    #
    # azilink for OS X

    init() {
    /users/tarekag/downloads/android-sdk-mac_86/tools/adb forward tcp:41927 tcp:41927
    sudo openvpn2 –script-security 3 system \
    –dev tun \
    –remote 127.0.0.1 41927 \
    –proto tcp-client \
    –ifconfig 192.168.56.2 192.168.56.1 \
    –route 0.0.0.0 128.0.0.0 \
    –route 128.0.0.0 128.0.0.0 \
    –keepalive 10 30 \
    –up “$0 up” \
    –down “$0 down”

    }

    up() {
    tun_dev=$1
    ns=192.168.56.1
    sudo scutil << EOF
    open
    d.init
    get State:/Network/Interface/$tun_dev/IPv4
    d.add InterfaceName $tun_dev
    set State:/Network/Service/openvpn-$tun_dev/IPv4

    d.init
    d.add ServerAddresses * $ns
    set State:/Network/Service/openvpn-$tun_dev/DNS
    quit
    EOF
    }

    down() {
    tun_dev=$1
    sudo scutil << EOF
    open
    remove State:/Network/Service/openvpn-$tun_dev/IPv4
    remove State:/Network/Service/openvpn-$tun_dev/DNS
    quit
    EOF
    }

    case $1 in
    up ) up $2 ;; # openvpn will pass tun/tap dev as $2
    down) down $2 ;;
    * ) init ;;
    esac
    ——-
    the two differences are that I put the full path of adb, and the proper insertion of script-security 3 system \

    Good luck to all, and I hope someone will take these steps and create a nice and simple application that will automate this process someday..

    cheers,

    Tarek

  43. Hi
    everything seemed to be going great on the setting up except when the ‘sudo port install openvpn2’ command is put in. I get the warning:
    ‘WARNING: Improper use of the sudo command could lead to data loss
    or the deletion of important system files. Please double-check your
    typing when using sudo. Type “man sudo” for more information.
    To proceed, enter your password, or type Ctrl-C to abort.’

    It then has the word password with the flashing cursor next to it but it will not acknowledge any keyboard input at all except the enter key and ctrl-c keys.
    Help!! what goes on, I tried to paste the password in but it does not accept it. I have Xcode installed and Macports.

  44. Hi Dinkie,

    I am still loving your solution.. one problem though. What’s the best way to quit the process. If I just quit the terminal, and try again i get all kinds of errors; i actually have to restart every time to get working..

    I am sure there is a way to quit the process easily.. can you share it?

    Thank you

  45. Hello Dinkie.

    Thanks a million for this post.
    It works like a charm.

    posting this message, by tethering my hero to my mac, airport turned off.

  46. FINALLY I GOT IT WORKING.
    Thanks to @Dinkie @John and everyone else.
    Right know I’m connected using my HTC TATTOO, so Dinkie, I think that you can update this post name to Htc Hero/Tattoo USB Tether on Mac OS X ๐Ÿ˜‰

  47. @Marco
    No problem, glad you made it working. And yes, this should be working for any actual HTC Android phones (Hero, Magic, Tatoo). We will see about Legend and Desire in few months ๐Ÿ˜‰

  48. Hey thanks for this. It works fine but now that PdaNet is available it is much easier to use that. If I want to undo all of your steps apart from removing the downloaded apps. do I need to undo the pico .bash_profile step and openVPN install step? I’ve already removed the android tools, followed the uninstall steps for MacPorts and deleted the modem file. What else needs to be done or does none of the rest matter?
    Thanks very much

  49. @John Yeah, basically just remove installed application, and you can also edit file .bash_profile and restore your previous settings for PATH variable, but really not needed because it won’t do any harm to your computer.

  50. Dinke,

    On Snow Leopard I am not able to get Openvpn2 to build.

    Macintosh-202:admin_console $ sudo port install openvpn2—> Computing dependencies for openvpn2
    —> Building lzo2
    Error: Target org.macports.build returned: shell command ” cd “/opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_release_ports_archivers_lzo2/work/lzo-2.03″ && /usr/bin/make -j2 all ” returned error 1
    Command output: sh: line 0: cd: /opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_release_ports_archivers_lzo2/work/lzo-2.03: No such file or directory

    Error: The following dependencies failed to build: lzo2 openssl
    Error: Status 1 encountered during processing.
    Before reporting a bug, first run the command again with the -d flag to get complete output.

  51. Worked like a charm, after two minor changes to the modem.sh script (the script security fix + had to add full path to the two scutil-calls). I wish I could understand why they make this so hard for non-Windows users…

  52. I got it working! I just had to modify the init secion of modem.sh like this:

    init() {
    adb forward tcp:41927 tcp:41927
    sudo /opt/local/sbin/openvpn2 –dev tun \
    –remote 127.0.0.1 41927 \
    –proto tcp-client \
    –ifconfig 192.168.56.2 192.168.56.1 \
    –route 0.0.0.0 128.0.0.0 \
    –route 128.0.0.0 128.0.0.0 \
    –keepalive 10 30 \
    –up “$0 up” \
    –down “$0 down” \
    –script-security 3 system
    }

  53. It worked!!
    I had to add the following to modem.sh when invokes openvpn2 (got openvpn2.1)

    –script-security 2

    Thanks very much!!!

    lino

  54. You can also download PDANet for your android phone and your MAC and it will work immediately. No root menu stuff. No messing around for hours. It just works.

  55. Good stuff here – got everything working until I tried to run the modem script. Below is what I got – can u help me out. I did everything else to the letter and my phone is already rooted.

    Mr-Harriss-MacBook-Pro:~ MrHarris$ /Users/MrHarris/modem.sh
    Sun Jun 6 10:28:49 2010 OpenVPN 2.1.1 i386-apple-darwin10.3.1 [SSL] [LZO2] built on Jun 6 2010
    Sun Jun 6 10:28:49 2010 NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
    Sun Jun 6 10:28:49 2010 ******* WARNING *******: all encryption and authentication features disabled — all data will be tunnelled as cleartext
    Sun Jun 6 10:28:49 2010 TUN/TAP device /dev/tun0 opened
    Sun Jun 6 10:28:49 2010 /sbin/ifconfig tun0 delete
    ifconfig: ioctl (SIOCDIFADDR): Can’t assign requested address
    Sun Jun 6 10:28:49 2010 NOTE: Tried to delete pre-existing tun/tap instance — No Problem if failure
    Sun Jun 6 10:28:49 2010 /sbin/ifconfig tun0 192.168.56.2 192.168.56.1 mtu 1500 netmask 255.255.255.255 up
    Sun Jun 6 10:28:49 2010 /Users/MrHarris/modem.sh up tun0 1500 1502 192.168.56.2 192.168.56.1 init
    sudo: scutil: command not found
    Sun Jun 6 10:28:49 2010 script failed: external program exited with error status: 1
    Sun Jun 6 10:28:49 2010 Exiting

  56. Messed around with it a little more and got it to work. Thanks for this. Posting this while tethered to my HERO!!!

  57. only problem I have now is when I want to go back to using my Airport to connect to my WiFI network…it doesn’t work until I reboot. Any thoughts?

  58. hello, nice tutorial, i just can not install openvpn2, it asks a psw and (after digiting my personal psw of mac, says: command not found
    any idea?

  59. sorry resolved that one.
    now at the end it says:
    Sat Jun 12 15:06:36 2010 OpenVPN 2.1.1 i386-apple-darwin10.2.0 [SSL] [LZO2] built on Jun 12 2010
    Sat Jun 12 15:06:36 2010 NOTE: OpenVPN 2.1 requires ‘–script-security 2’ or higher to call user-defined scripts or executables
    Sat Jun 12 15:06:36 2010 ******* WARNING *******: all encryption and authentication features disabled — all data will be tunnelled as cleartext
    Sat Jun 12 15:06:36 2010 ROUTE: problem writing to routing socket
    Sat Jun 12 15:06:36 2010 ROUTE: problem writing to routing socket
    Sat Jun 12 15:06:36 2010 TUN/TAP device /dev/tun0 opened
    Sat Jun 12 15:06:36 2010 /sbin/ifconfig tun0 delete
    ifconfig: ioctl (SIOCDIFADDR): Can’t assign requested address
    Sat Jun 12 15:06:36 2010 NOTE: Tried to delete pre-existing tun/tap instance — No Problem if failure
    Sat Jun 12 15:06:36 2010 /sbin/ifconfig tun0 192.168.56.2 192.168.56.1 mtu 1500 netmask 255.255.255.255 up
    Sat Jun 12 15:06:36 2010 /Users/JLK/modem.sh up tun0 1500 1502 192.168.56.2 192.168.56.1 init
    Sat Jun 12 15:06:36 2010 openvpn_execve: external program may not be called unless ‘–script-security 2’ or higher is enabled. Use ‘–script-security 3 system’ for backward compatibility with 2.1_rc8 and earlier. See –help text or man page for detailed info.
    Sat Jun 12 15:06:36 2010 script failed: external program fork failed
    Sat Jun 12 15:06:36 2010 Exiting

    any help regarding script security 3..?

  60. sorry now it says like this:

    iMac-di-Linda-Katalin-Jezsek:~ JLK$ /Users/JLK/modem.sh
    Sat Jun 12 15:33:20 2010 OpenVPN 2.1.1 i386-apple-darwin10.2.0 [SSL] [LZO2] built on Jun 12 2010
    Sat Jun 12 15:33:20 2010 IMPORTANT: OpenVPN’s default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
    Sat Jun 12 15:33:20 2010 NOTE: OpenVPN 2.1 requires ‘–script-security 2’ or higher to call user-defined scripts or executables
    Sat Jun 12 15:33:20 2010 ******* WARNING *******: all encryption and authentication features disabled — all data will be tunnelled as cleartext
    Sat Jun 12 15:33:20 2010 TCP/UDP: Socket bind failed on local address [undef]:1194: Address already in use
    Sat Jun 12 15:33:20 2010 Exiting
    /Users/JLK/modem.sh: line 8: –script-security: command not found
    /Users/JLK/modem.sh: line 9: –remote: command not found
    iMac-di-Linda-Katalin-Jezsek:~ JLK$ /Users/JLK/modem.sh
    Sat Jun 12 15:35:18 2010 OpenVPN 2.1.1 i386-apple-darwin10.2.0 [SSL] [LZO2] built on Jun 12 2010
    Sat Jun 12 15:35:18 2010 IMPORTANT: OpenVPN’s default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
    Sat Jun 12 15:35:18 2010 NOTE: OpenVPN 2.1 requires ‘–script-security 2’ or higher to call user-defined scripts or executables
    Sat Jun 12 15:35:18 2010 ******* WARNING *******: all encryption and authentication features disabled — all data will be tunnelled as cleartext
    Sat Jun 12 15:35:18 2010 TCP/UDP: Socket bind failed on local address [undef]:1194: Address already in use
    Sat Jun 12 15:35:18 2010 Exiting
    /Users/JLK/modem.sh: line 8: –script-security: command not found
    iMac-di-Linda-Katalin-Jezsek:~ JLK$

    addressa already in use?? helppp

  61. When I connect my HTC hero phone via USB to my macbook pro I am getting the PDAnet icon with the flashing blue world on the bottom right corner…..does any know what this means?
    I have successfully installed pdanet on my macbook and htc hero but i am stuck

  62. Michiel

    this is how my script reads – and it works.

    #!/bin/bash
    #
    # azilink for OS X

    init() {
    adb forward tcp:41927 tcp:41927
    sudo openvpn2 –script-security 3 system \
    –dev tun \
    –remote 127.0.0.1 41927 \
    –proto tcp-client \
    –ifconfig 192.168.56.2 192.168.56.1 \
    –route 0.0.0.0 128.0.0.0 \
    –route 128.0.0.0 128.0.0.0 \
    –keepalive 10 30 \
    –up “$0 up” \
    –down “$0 down”
    }

    up() {
    tun_dev=$1
    ns=192.168.56.1
    sudo scutil << EOF
    open
    d.init
    get State:/Network/Interface/$tun_dev/IPv4
    d.add InterfaceName $tun_dev
    set State:/Network/Service/openvpn-$tun_dev/IPv4

    d.init
    d.add ServerAddresses * $ns
    set State:/Network/Service/openvpn-$tun_dev/DNS
    quit
    EOF
    }

    down() {
    tun_dev=$1
    sudo scutil << EOF
    open
    remove State:/Network/Service/openvpn-$tun_dev/IPv4
    remove State:/Network/Service/openvpn-$tun_dev/DNS
    quit
    EOF
    }

    case $1 in
    up ) up $2 ;; # openvpn will pass tun/tap dev as $2
    down) down $2 ;;
    * ) init ;;
    esac

  63. I just upgraded my HERO to Android 2.1, installed the AziLink app and now I get “connection refused” when I run my script. Anyone out there know why? Thanks.

  64. I think I’m really close, though I still have an error that nobody has mentioned yet! Here’s what the output says:

    Thu Jul 22 14:19:38 2010 NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
    Thu Jul 22 14:19:38 2010 NOTE: –script-security method=’system’ is deprecated due to the fact that passed parameters will be subject to shell expansion
    Thu Jul 22 14:19:38 2010 ******* WARNING *******: all encryption and authentication features disabled — all data will be tunnelled as cleartext
    Thu Jul 22 14:19:38 2010 ROUTE: problem writing to routing socket
    Thu Jul 22 14:19:38 2010 ROUTE: problem writing to routing socket
    Thu Jul 22 14:19:38 2010 TUN/TAP device /dev/tun0 opened
    Thu Jul 22 14:19:38 2010 /sbin/ifconfig tun0 delete
    ifconfig: ioctl (SIOCDIFADDR): Can’t assign requested address
    Thu Jul 22 14:19:38 2010 NOTE: Tried to delete pre-existing tun/tap instance — No Problem if failure
    Thu Jul 22 14:19:38 2010 /sbin/ifconfig tun0 192.168.56.2 192.168.56.1 mtu 1500 netmask 255.255.255.255 up
    Thu Jul 22 14:19:38 2010 Documents/modem.sh up tun0 1500 1502 192.168.56.2 192.168.56.1 init
    Thu Jul 22 14:19:38 2010 WARNING: potential route subnet conflict between local LAN [0.0.0.0/255.255.255.0] and remote VPN [0.0.0.0/128.0.0.0]
    add net 0.0.0.0: gateway 192.168.56.1
    add net 128.0.0.0: gateway 192.168.56.1
    Thu Jul 22 14:19:38 2010 Attempting to establish TCP connection with 127.0.0.1:41927 [nonblock]
    Thu Jul 22 14:19:38 2010 TCP connection established with 127.0.0.1:41927
    Thu Jul 22 14:19:38 2010 TCPv4_CLIENT link local: [undef]
    Thu Jul 22 14:19:38 2010 TCPv4_CLIENT link remote: 127.0.0.1:41927
    Thu Jul 22 14:19:38 2010 Connection reset, restarting [0]
    delete net 128.0.0.0: gateway 192.168.56.1
    delete net 0.0.0.0: gateway 192.168.56.1
    Thu Jul 22 14:19:38 2010 Documents/modem.sh down tun0 1500 1502 192.168.56.2 192.168.56.1 init
    Thu Jul 22 14:19:38 2010 SIGUSR1[soft,connection-reset] received, process restarting

    After restarting, it just prints these same messages over and over. Anybody have a workaround for this?

    Thanks,
    Joe

  65. my problem has been resolved with editing “./adb devices” in modem.sh
    see below:

    #!/bin/bash
    #
    # azilink for OS X

    init() {
    ./adb devices
    ./adb forward tcp:41927 tcp:41927
    sudo openvpn2 –dev tun \
    –script-security 3 system \
    –remote 127.0.0.1 41927 \
    –proto tcp-client \
    –ifconfig 192.168.56.2 192.168.56.1 \
    –route 0.0.0.0 128.0.0.0 \
    –route 128.0.0.0 128.0.0.0 \
    –keepalive 10 30 \
    –up “$0 up” \
    –down “$0 down”
    }

  66. Forgive my ignorance but is this all still necessary now that Android 2.1 has an “Internet sharing option”?

    I know I can’t get it to work out of the box (HTC Legend and Mac Leopard) but this all seems really, really complex. Is there any easier way?

    I know I can get PDAnet but understand this restricts the sites you can visit unless you buy the paid-for version which I am loathe to do if it should work for free.

    Thanks

  67. Hey Pete,

    Internet Sharing option only worked with Windows, not with a Mac.

    Btw this procedure works on Andorid 2.1 on HTC Hero after official HTC Eclair update.

  68. Hi again

    I have the whole thing running but I do get this warning “WARNING: potential route subnet conflict…”.

    Otherwise the link seems to come up:

    Mon Aug 16 20:48:55 2010 Attempting to establish TCP connection with 127.0.0.1:41927 [nonblock]
    Mon Aug 16 20:48:56 2010 TCP connection established with 127.0.0.1:41927
    Mon Aug 16 20:48:56 2010 TCPv4_CLIENT link local: [undef]
    Mon Aug 16 20:48:56 2010 TCPv4_CLIENT link remote: 127.0.0.1:41927
    Mon Aug 16 20:49:05 2010 Peer Connection Initiated with 127.0.0.1:41927
    Mon Aug 16 20:49:05 2010 Initialization Sequence Completed

    But when I use a browser I can’t reach any websites.

    I tried googling that warning message but couldn’t make any sense of what I read.

    Any ideas?

    Many thanks
    Pete

  69. I have the same problem as Pete.

    modem.sh starts and runs just fine. I can connect to Skype, iChat, other things of through whichever port chat interfaces use, but no web browsing (Chrome, FireFox or Safari) and I cannot connect to externals via ssh or ftp.

  70. You’re lucky Cher – it doesn’t work for me. I tried leaving wifi on but connecting to a dud wifi address which gives me no internet access.

    Weirdly Skype does work just like you said. Azilink counters clock up traffic with Skype. But no browsers work.

    Something to do with DNS? Any ideas?

    When I look at network preferences what should I see – I see a “Parallels Shared Networking Adapter” and a “Parallels Host-Only Networking Adapter”. Is that right?

    How should they look?

    Many thanks for any help

  71. @Motionpotion
    Because aNetShare simply doesn’t work for me. I root-ed my Hero and tried both wifi tether as well as anetshare, none of them seems to work with my MBP. Airport see it on wifi list, but when I try to connect it it doesn’t work.

    That’s why I use USB method explained above.

  72. Hi,

    Iโ€™m a HTC Tattoo user. While following your instruction to prepare my phone, I run into a problem. After installing openVPN, I was asked to install TunnelBlick which I did too. However, from there on, I do not know how to download the client.ovpn file. Could you kindly explain explicitly how to do this steps?

    Thanks

  73. Tue Oct 26 20:29:17 2010 OpenVPN 2.1.1 i386-apple-darwin10.4.0 [SSL] [LZO2] built on Oct 26 2010
    Tue Oct 26 20:29:17 2010 NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
    Tue Oct 26 20:29:17 2010 ******* WARNING *******: all encryption and authentication features disabled — all data will be tunnelled as cleartext
    Tue Oct 26 20:29:17 2010 TUN/TAP device /dev/tun0 opened
    Tue Oct 26 20:29:17 2010 /sbin/ifconfig tun0 delete
    ifconfig: ioctl (SIOCDIFADDR): Can’t assign requested address
    Tue Oct 26 20:29:17 2010 NOTE: Tried to delete pre-existing tun/tap instance — No Problem if failure
    Tue Oct 26 20:29:17 2010 /sbin/ifconfig tun0 192.168.56.2 192.168.56.1 mtu 1500 netmask 255.255.255.255 up
    Tue Oct 26 20:29:17 2010 /Users/David/Desktop/modem.sh up tun0 1500 1502 192.168.56.2 192.168.56.1 init
    /Users/David/Desktop/modem.sh: line 22: scutil: command not found
    Tue Oct 26 20:29:17 2010 script failed: could not execute external program
    Tue Oct 26 20:29:17 2010 Exiting

    This is the error I am getting. However, when I type “sudo scutil” in terminal alone, I am getting it work. I even tried using the full file path. Please help, I am braindead right now.

  74. Quote:
    This is the error I am getting. However, when I type “sudo scutil” in terminal alone, I am getting it work. I even tried using the full file path. Please help, I am braindead right now.

    I was too. Who can tell me how to deal with this problem?

  75. Even though all of the problems are solved in the comments above, I’ll try to summarize the solutions:

    1. Android SDK, as of r16, does not include adb by default. You have to run android-sdk/tools/android, and install the Platform Tools. adb will be put to android-sdk/platform-tools/adb (you should add this directory to PATH).
    2. USB debugging should be turned on on the phone.
    3. –script-security 2 should be added to the openvpn2 call in modem.sh, and the path to scutil should be specified (see http://pastie.org/3791898 for the fixed version).
    4. You might want to disable Skype, Evernote and other bandwidth-consuming apps if your data plan / bandwidth are tiny.

    Ah, BTW: I’ve just successfully set it up on Mac OS X Lion. Posting this via the mobile connection. ๐Ÿ™‚

Leave a Reply

Your email address will not be published. Required fields are marked *