Split Tunnel - Exclude Command not App Bundle

dwhagar

I want to exclude from the VPN a command that isn't contained within an App.  I'm using ZeroTier, it does have an app but the core process which needs to be excluded is a command in /Library/Application Support/ZeroTier/One specifically it is /Library/Application Support/ZeroTier/One/zerotier-one which creates the virtual network interface that ZeroTier uses.  Of course using PIA completely blocks it from working, but I would like this application to be allowed to bypass the VPN and continue to operate.

Problem is that the PIA GUI will not allow me to select this, it must be an application bundle (.App Directory) to be selected.  Does anyone know a way to make this work?  I would allow specific IP addresses to bypass the VPN but the services uses a lot of servers and there is no comprehensive list of IP addresses.

Any suggestions would be greatly appreiciated.

PIAMarc

I am sorry to hear that you have been experiencing issues with the Split Tunnel.  Via the CLI, it is possible to create a rule for any directory or executable on Mac, PIA will match this rule to any programs within that directory (including subdirectories, etc.).

This is particularly useful for programs installed by Homebrew, because the version number appears in the app path, and it will change every time the program is updated.

This command requires jq - "brew install jq" for users that have Homebrew installed. This example excludes /usr/local/Cellar/openconnect, which is the path for OpenConnect installed by Homebrew (frequently used by users to connect to corporate VPNs). You can replace /usr/local/Cellar/openconnect with any directory path.

piactl -u applysettings '{"splitTunnelRules":'"$(cat /Library/Preferences/com.privateinternetaccess.vpn/settings.json | jq '.splitTunnelRules + [{"linkTarget":"","mode":"exclude","path":"/usr/local/Cellar/openconnect"}]' -c)"'}'