From aca31c7055bb500cc3783a07ce7158d3ec4e07b7 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 7 Aug 2019 18:14:12 -0500
Subject: Put kext back in Mac distro and use on versions older than High
 Sierra (which lack the feth device)

---
 ext/bin/tap-mac/tap.kext/Contents/Info.plist       |   36 +
 ext/bin/tap-mac/tap.kext/Contents/MacOS/tap        |  Bin 0 -> 50496 bytes
 .../tap.kext/Contents/_CodeSignature/CodeResources |  105 ++
 ext/installfiles/mac/ZeroTier One.pkgproj          | 1505 +++++++++++---------
 ext/installfiles/mac/postinst.sh                   |    9 +-
 osdep/BSDEthernetTap.hpp                           |   25 +-
 osdep/EthernetTap.cpp                              |  117 ++
 osdep/EthernetTap.hpp                              |   72 +
 osdep/LinuxEthernetTap.cpp                         |   21 +-
 osdep/LinuxEthernetTap.hpp                         |   31 +-
 osdep/MacEthernetTap.cpp                           |   21 +-
 osdep/MacEthernetTap.hpp                           |   40 +-
 osdep/MacKextEthernetTap.cpp                       |  703 +++++++++
 osdep/MacKextEthernetTap.hpp                       |   93 ++
 osdep/NetBSDEthernetTap.hpp                        |   23 +-
 osdep/TestEthernetTap.hpp                          |  161 ---
 osdep/WindowsEthernetTap.hpp                       |   27 +-
 17 files changed, 2084 insertions(+), 905 deletions(-)
 create mode 100644 ext/bin/tap-mac/tap.kext/Contents/Info.plist
 create mode 100755 ext/bin/tap-mac/tap.kext/Contents/MacOS/tap
 create mode 100644 ext/bin/tap-mac/tap.kext/Contents/_CodeSignature/CodeResources
 create mode 100644 osdep/EthernetTap.cpp
 create mode 100644 osdep/EthernetTap.hpp
 create mode 100644 osdep/MacKextEthernetTap.cpp
 create mode 100644 osdep/MacKextEthernetTap.hpp
 delete mode 100644 osdep/TestEthernetTap.hpp

diff --git a/ext/bin/tap-mac/tap.kext/Contents/Info.plist b/ext/bin/tap-mac/tap.kext/Contents/Info.plist
new file mode 100644
index 00000000..c20eefa5
--- /dev/null
+++ b/ext/bin/tap-mac/tap.kext/Contents/Info.plist
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>CFBundleDevelopmentRegion</key>
+	<string>English</string>
+	<key>CFBundleExecutable</key>
+	<string>tap</string>
+	<key>CFBundleIdentifier</key>
+	<string>com.zerotier.tap</string>
+	<key>CFBundleInfoDictionaryVersion</key>
+	<string>6.0</string>
+	<key>CFBundleName</key>
+	<string>tap</string>
+	<key>CFBundlePackageType</key>
+	<string>KEXT</string>
+	<key>CFBundleShortVersionString</key>
+	<string>20150118</string>
+	<key>CFBundleSignature</key>
+	<string>????</string>
+	<key>CFBundleVersion</key>
+	<string>1.0</string>
+	<key>OSBundleLibraries</key>
+	<dict>
+		<key>com.apple.kpi.mach</key>
+		<string>8.0</string>
+		<key>com.apple.kpi.bsd</key>
+		<string>8.0</string>
+		<key>com.apple.kpi.libkern</key>
+		<string>8.0</string>
+		<key>com.apple.kpi.unsupported</key>
+		<string>8.0</string>
+	</dict>
+</dict>
+</plist>
+
diff --git a/ext/bin/tap-mac/tap.kext/Contents/MacOS/tap b/ext/bin/tap-mac/tap.kext/Contents/MacOS/tap
new file mode 100755
index 00000000..48bf9625
Binary files /dev/null and b/ext/bin/tap-mac/tap.kext/Contents/MacOS/tap differ
diff --git a/ext/bin/tap-mac/tap.kext/Contents/_CodeSignature/CodeResources b/ext/bin/tap-mac/tap.kext/Contents/_CodeSignature/CodeResources
new file mode 100644
index 00000000..0710b400
--- /dev/null
+++ b/ext/bin/tap-mac/tap.kext/Contents/_CodeSignature/CodeResources
@@ -0,0 +1,105 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>files</key>
+	<dict/>
+	<key>files2</key>
+	<dict/>
+	<key>rules</key>
+	<dict>
+		<key>^Resources/</key>
+		<true/>
+		<key>^Resources/.*\.lproj/</key>
+		<dict>
+			<key>optional</key>
+			<true/>
+			<key>weight</key>
+			<real>1000</real>
+		</dict>
+		<key>^Resources/.*\.lproj/locversion.plist$</key>
+		<dict>
+			<key>omit</key>
+			<true/>
+			<key>weight</key>
+			<real>1100</real>
+		</dict>
+		<key>^version.plist$</key>
+		<true/>
+	</dict>
+	<key>rules2</key>
+	<dict>
+		<key>.*\.dSYM($|/)</key>
+		<dict>
+			<key>weight</key>
+			<real>11</real>
+		</dict>
+		<key>^(.*/)?\.DS_Store$</key>
+		<dict>
+			<key>omit</key>
+			<true/>
+			<key>weight</key>
+			<real>2000</real>
+		</dict>
+		<key>^(Frameworks|SharedFrameworks|PlugIns|Plug-ins|XPCServices|Helpers|MacOS|Library/(Automator|Spotlight|LoginItems))/</key>
+		<dict>
+			<key>nested</key>
+			<true/>
+			<key>weight</key>
+			<real>10</real>
+		</dict>
+		<key>^.*</key>
+		<true/>
+		<key>^Info\.plist$</key>
+		<dict>
+			<key>omit</key>
+			<true/>
+			<key>weight</key>
+			<real>20</real>
+		</dict>
+		<key>^PkgInfo$</key>
+		<dict>
+			<key>omit</key>
+			<true/>
+			<key>weight</key>
+			<real>20</real>
+		</dict>
+		<key>^Resources/</key>
+		<dict>
+			<key>weight</key>
+			<real>20</real>
+		</dict>
+		<key>^Resources/.*\.lproj/</key>
+		<dict>
+			<key>optional</key>
+			<true/>
+			<key>weight</key>
+			<real>1000</real>
+		</dict>
+		<key>^Resources/.*\.lproj/locversion.plist$</key>
+		<dict>
+			<key>omit</key>
+			<true/>
+			<key>weight</key>
+			<real>1100</real>
+		</dict>
+		<key>^[^/]+$</key>
+		<dict>
+			<key>nested</key>
+			<true/>
+			<key>weight</key>
+			<real>10</real>
+		</dict>
+		<key>^embedded\.provisionprofile$</key>
+		<dict>
+			<key>weight</key>
+			<real>20</real>
+		</dict>
+		<key>^version\.plist$</key>
+		<dict>
+			<key>weight</key>
+			<real>20</real>
+		</dict>
+	</dict>
+</dict>
+</plist>
diff --git a/ext/installfiles/mac/ZeroTier One.pkgproj b/ext/installfiles/mac/ZeroTier One.pkgproj
index afda6554..d962e96d 100755
--- a/ext/installfiles/mac/ZeroTier One.pkgproj	
+++ b/ext/installfiles/mac/ZeroTier One.pkgproj	
@@ -2,670 +2,731 @@
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <plist version="1.0">
 <dict>
-	<key>PROJECT</key>
-	<dict>
-		<key>PACKAGE_FILES</key>
+	<key>PACKAGES</key>
+	<array>
 		<dict>
-			<key>DEFAULT_INSTALL_LOCATION</key>
-			<string>/</string>
-			<key>HIERARCHY</key>
+			<key>MUST-CLOSE-APPLICATION-ITEMS</key>
+			<array/>
+			<key>MUST-CLOSE-APPLICATIONS</key>
+			<false/>
+			<key>PACKAGE_FILES</key>
 			<dict>
-				<key>CHILDREN</key>
-				<array>
-					<dict>
-						<key>CHILDREN</key>
-						<array>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>80</integer>
-								<key>PATH</key>
-								<string>Utilities</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>80</integer>
-								<key>PATH</key>
-								<string>../../../macui/build/Release/ZeroTier One.app</string>
-								<key>PATH_TYPE</key>
-								<integer>1</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>3</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-						</array>
-						<key>GID</key>
-						<integer>80</integer>
-						<key>PATH</key>
-						<string>Applications</string>
-						<key>PATH_TYPE</key>
-						<integer>0</integer>
-						<key>PERMISSIONS</key>
-						<integer>509</integer>
-						<key>TYPE</key>
-						<integer>1</integer>
-						<key>UID</key>
-						<integer>0</integer>
-					</dict>
-					<dict>
-						<key>CHILDREN</key>
-						<array>
-							<dict>
-								<key>CHILDREN</key>
-								<array>
-									<dict>
-										<key>CHILDREN</key>
-										<array>
-											<dict>
-												<key>CHILDREN</key>
-												<array>
-													<dict>
-														<key>CHILDREN</key>
-														<array/>
-														<key>GID</key>
-														<integer>0</integer>
-														<key>PATH</key>
-														<string>get-proxy-settings.sh</string>
-														<key>PATH_TYPE</key>
-														<integer>1</integer>
-														<key>PERMISSIONS</key>
-														<integer>493</integer>
-														<key>TYPE</key>
-														<integer>3</integer>
-														<key>UID</key>
-														<integer>0</integer>
-													</dict>
-													<dict>
-														<key>CHILDREN</key>
-														<array/>
-														<key>GID</key>
-														<integer>0</integer>
-														<key>PATH</key>
-														<string>launch.sh</string>
-														<key>PATH_TYPE</key>
-														<integer>1</integer>
-														<key>PERMISSIONS</key>
-														<integer>493</integer>
-														<key>TYPE</key>
-														<integer>3</integer>
-														<key>UID</key>
-														<integer>0</integer>
-													</dict>
-													<dict>
-														<key>CHILDREN</key>
-														<array/>
-														<key>GID</key>
-														<integer>80</integer>
-														<key>PATH</key>
-														<string>../../../MacEthernetTapAgent</string>
-														<key>PATH_TYPE</key>
-														<integer>1</integer>
-														<key>PERMISSIONS</key>
-														<integer>493</integer>
-														<key>TYPE</key>
-														<integer>3</integer>
-														<key>UID</key>
-														<integer>0</integer>
-													</dict>
-													<dict>
-														<key>CHILDREN</key>
-														<array/>
-														<key>GID</key>
-														<integer>0</integer>
-														<key>PATH</key>
-														<string>uninstall.sh</string>
-														<key>PATH_TYPE</key>
-														<integer>1</integer>
-														<key>PERMISSIONS</key>
-														<integer>493</integer>
-														<key>TYPE</key>
-														<integer>3</integer>
-														<key>UID</key>
-														<integer>0</integer>
-													</dict>
-													<dict>
-														<key>CHILDREN</key>
-														<array/>
-														<key>GID</key>
-														<integer>0</integer>
-														<key>PATH</key>
-														<string>../../../zerotier-one</string>
-														<key>PATH_TYPE</key>
-														<integer>1</integer>
-														<key>PERMISSIONS</key>
-														<integer>493</integer>
-														<key>TYPE</key>
-														<integer>3</integer>
-														<key>UID</key>
-														<integer>0</integer>
-													</dict>
-												</array>
-												<key>GID</key>
-												<integer>80</integer>
-												<key>PATH</key>
-												<string>One</string>
-												<key>PATH_TYPE</key>
-												<integer>0</integer>
-												<key>PERMISSIONS</key>
-												<integer>493</integer>
-												<key>TYPE</key>
-												<integer>2</integer>
-												<key>UID</key>
-												<integer>0</integer>
-											</dict>
-										</array>
-										<key>GID</key>
-										<integer>80</integer>
-										<key>PATH</key>
-										<string>ZeroTier</string>
-										<key>PATH_TYPE</key>
-										<integer>0</integer>
-										<key>PERMISSIONS</key>
-										<integer>493</integer>
-										<key>TYPE</key>
-										<integer>2</integer>
-										<key>UID</key>
-										<integer>0</integer>
-									</dict>
-								</array>
-								<key>GID</key>
-								<integer>80</integer>
-								<key>PATH</key>
-								<string>Application Support</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Automator</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Documentation</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Filesystems</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Frameworks</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Input Methods</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Internet Plug-Ins</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>LaunchAgents</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array>
-									<dict>
-										<key>CHILDREN</key>
-										<array/>
-										<key>GID</key>
-										<integer>0</integer>
-										<key>PATH</key>
-										<string>com.zerotier.one.plist</string>
-										<key>PATH_TYPE</key>
-										<integer>1</integer>
-										<key>PERMISSIONS</key>
-										<integer>420</integer>
-										<key>TYPE</key>
-										<integer>3</integer>
-										<key>UID</key>
-										<integer>0</integer>
-									</dict>
-								</array>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>LaunchDaemons</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>PreferencePanes</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Preferences</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>80</integer>
-								<key>PATH</key>
-								<string>Printers</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>PrivilegedHelperTools</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>QuickLook</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>QuickTime</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Screen Savers</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Scripts</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Services</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Widgets</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-						</array>
-						<key>GID</key>
-						<integer>0</integer>
-						<key>PATH</key>
-						<string>Library</string>
-						<key>PATH_TYPE</key>
-						<integer>0</integer>
-						<key>PERMISSIONS</key>
-						<integer>493</integer>
-						<key>TYPE</key>
-						<integer>1</integer>
-						<key>UID</key>
-						<integer>0</integer>
-					</dict>
-					<dict>
-						<key>CHILDREN</key>
-						<array>
-							<dict>
-								<key>CHILDREN</key>
-								<array>
-									<dict>
-										<key>CHILDREN</key>
-										<array/>
-										<key>GID</key>
-										<integer>0</integer>
-										<key>PATH</key>
-										<string>Extensions</string>
-										<key>PATH_TYPE</key>
-										<integer>0</integer>
-										<key>PERMISSIONS</key>
-										<integer>493</integer>
-										<key>TYPE</key>
-										<integer>1</integer>
-										<key>UID</key>
-										<integer>0</integer>
-									</dict>
-								</array>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Library</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-						</array>
-						<key>GID</key>
-						<integer>0</integer>
-						<key>PATH</key>
-						<string>System</string>
-						<key>PATH_TYPE</key>
-						<integer>0</integer>
-						<key>PERMISSIONS</key>
-						<integer>493</integer>
-						<key>TYPE</key>
-						<integer>1</integer>
-						<key>UID</key>
-						<integer>0</integer>
-					</dict>
-					<dict>
-						<key>CHILDREN</key>
-						<array>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Shared</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>1023</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-						</array>
-						<key>GID</key>
-						<integer>80</integer>
-						<key>PATH</key>
-						<string>Users</string>
-						<key>PATH_TYPE</key>
-						<integer>0</integer>
-						<key>PERMISSIONS</key>
-						<integer>493</integer>
-						<key>TYPE</key>
-						<integer>1</integer>
-						<key>UID</key>
-						<integer>0</integer>
-					</dict>
-				</array>
-				<key>GID</key>
-				<integer>0</integer>
-				<key>PATH</key>
+				<key>DEFAULT_INSTALL_LOCATION</key>
 				<string>/</string>
-				<key>PATH_TYPE</key>
-				<integer>0</integer>
-				<key>PERMISSIONS</key>
-				<integer>493</integer>
-				<key>TYPE</key>
-				<integer>1</integer>
-				<key>UID</key>
+				<key>HIERARCHY</key>
+				<dict>
+					<key>CHILDREN</key>
+					<array>
+						<dict>
+							<key>CHILDREN</key>
+							<array>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>80</integer>
+									<key>PATH</key>
+									<string>Utilities</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>80</integer>
+									<key>PATH</key>
+									<string>../../../macui/build/Release/ZeroTier One.app</string>
+									<key>PATH_TYPE</key>
+									<integer>1</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>3</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+							</array>
+							<key>GID</key>
+							<integer>80</integer>
+							<key>PATH</key>
+							<string>Applications</string>
+							<key>PATH_TYPE</key>
+							<integer>0</integer>
+							<key>PERMISSIONS</key>
+							<integer>509</integer>
+							<key>TYPE</key>
+							<integer>1</integer>
+							<key>UID</key>
+							<integer>0</integer>
+						</dict>
+						<dict>
+							<key>CHILDREN</key>
+							<array>
+								<dict>
+									<key>CHILDREN</key>
+									<array>
+										<dict>
+											<key>CHILDREN</key>
+											<array>
+												<dict>
+													<key>CHILDREN</key>
+													<array>
+														<dict>
+															<key>CHILDREN</key>
+															<array/>
+															<key>GID</key>
+															<integer>0</integer>
+															<key>PATH</key>
+															<string>get-proxy-settings.sh</string>
+															<key>PATH_TYPE</key>
+															<integer>1</integer>
+															<key>PERMISSIONS</key>
+															<integer>493</integer>
+															<key>TYPE</key>
+															<integer>3</integer>
+															<key>UID</key>
+															<integer>0</integer>
+														</dict>
+														<dict>
+															<key>CHILDREN</key>
+															<array/>
+															<key>GID</key>
+															<integer>0</integer>
+															<key>PATH</key>
+															<string>launch.sh</string>
+															<key>PATH_TYPE</key>
+															<integer>1</integer>
+															<key>PERMISSIONS</key>
+															<integer>493</integer>
+															<key>TYPE</key>
+															<integer>3</integer>
+															<key>UID</key>
+															<integer>0</integer>
+														</dict>
+														<dict>
+															<key>CHILDREN</key>
+															<array/>
+															<key>GID</key>
+															<integer>80</integer>
+															<key>PATH</key>
+															<string>../../../MacEthernetTapAgent</string>
+															<key>PATH_TYPE</key>
+															<integer>1</integer>
+															<key>PERMISSIONS</key>
+															<integer>493</integer>
+															<key>TYPE</key>
+															<integer>3</integer>
+															<key>UID</key>
+															<integer>0</integer>
+														</dict>
+														<dict>
+															<key>BUNDLE_CAN_DOWNGRADE</key>
+															<false/>
+															<key>BUNDLE_POSTINSTALL_PATH</key>
+															<dict>
+																<key>PATH_TYPE</key>
+																<integer>0</integer>
+															</dict>
+															<key>BUNDLE_PREINSTALL_PATH</key>
+															<dict>
+																<key>PATH_TYPE</key>
+																<integer>0</integer>
+															</dict>
+															<key>CHILDREN</key>
+															<array/>
+															<key>GID</key>
+															<integer>0</integer>
+															<key>PATH</key>
+															<string>../../bin/tap-mac/tap.kext</string>
+															<key>PATH_TYPE</key>
+															<integer>1</integer>
+															<key>PERMISSIONS</key>
+															<integer>493</integer>
+															<key>TYPE</key>
+															<integer>3</integer>
+															<key>UID</key>
+															<integer>0</integer>
+														</dict>
+														<dict>
+															<key>CHILDREN</key>
+															<array/>
+															<key>GID</key>
+															<integer>0</integer>
+															<key>PATH</key>
+															<string>uninstall.sh</string>
+															<key>PATH_TYPE</key>
+															<integer>1</integer>
+															<key>PERMISSIONS</key>
+															<integer>493</integer>
+															<key>TYPE</key>
+															<integer>3</integer>
+															<key>UID</key>
+															<integer>0</integer>
+														</dict>
+														<dict>
+															<key>CHILDREN</key>
+															<array/>
+															<key>GID</key>
+															<integer>0</integer>
+															<key>PATH</key>
+															<string>../../../zerotier-one</string>
+															<key>PATH_TYPE</key>
+															<integer>1</integer>
+															<key>PERMISSIONS</key>
+															<integer>493</integer>
+															<key>TYPE</key>
+															<integer>3</integer>
+															<key>UID</key>
+															<integer>0</integer>
+														</dict>
+													</array>
+													<key>GID</key>
+													<integer>80</integer>
+													<key>PATH</key>
+													<string>One</string>
+													<key>PATH_TYPE</key>
+													<integer>0</integer>
+													<key>PERMISSIONS</key>
+													<integer>493</integer>
+													<key>TYPE</key>
+													<integer>2</integer>
+													<key>UID</key>
+													<integer>0</integer>
+												</dict>
+											</array>
+											<key>GID</key>
+											<integer>80</integer>
+											<key>PATH</key>
+											<string>ZeroTier</string>
+											<key>PATH_TYPE</key>
+											<integer>0</integer>
+											<key>PERMISSIONS</key>
+											<integer>493</integer>
+											<key>TYPE</key>
+											<integer>2</integer>
+											<key>UID</key>
+											<integer>0</integer>
+										</dict>
+									</array>
+									<key>GID</key>
+									<integer>80</integer>
+									<key>PATH</key>
+									<string>Application Support</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Automator</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Documentation</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Filesystems</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Frameworks</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Input Methods</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Internet Plug-Ins</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>LaunchAgents</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array>
+										<dict>
+											<key>CHILDREN</key>
+											<array/>
+											<key>GID</key>
+											<integer>0</integer>
+											<key>PATH</key>
+											<string>com.zerotier.one.plist</string>
+											<key>PATH_TYPE</key>
+											<integer>1</integer>
+											<key>PERMISSIONS</key>
+											<integer>420</integer>
+											<key>TYPE</key>
+											<integer>3</integer>
+											<key>UID</key>
+											<integer>0</integer>
+										</dict>
+									</array>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>LaunchDaemons</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>PreferencePanes</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Preferences</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>80</integer>
+									<key>PATH</key>
+									<string>Printers</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>PrivilegedHelperTools</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>1005</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>QuickLook</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>QuickTime</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Screen Savers</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Scripts</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Services</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Widgets</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Extensions</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+							</array>
+							<key>GID</key>
+							<integer>0</integer>
+							<key>PATH</key>
+							<string>Library</string>
+							<key>PATH_TYPE</key>
+							<integer>0</integer>
+							<key>PERMISSIONS</key>
+							<integer>493</integer>
+							<key>TYPE</key>
+							<integer>1</integer>
+							<key>UID</key>
+							<integer>0</integer>
+						</dict>
+						<dict>
+							<key>CHILDREN</key>
+							<array>
+								<dict>
+									<key>CHILDREN</key>
+									<array>
+										<dict>
+											<key>CHILDREN</key>
+											<array/>
+											<key>GID</key>
+											<integer>0</integer>
+											<key>PATH</key>
+											<string>Extensions</string>
+											<key>PATH_TYPE</key>
+											<integer>0</integer>
+											<key>PERMISSIONS</key>
+											<integer>493</integer>
+											<key>TYPE</key>
+											<integer>1</integer>
+											<key>UID</key>
+											<integer>0</integer>
+										</dict>
+									</array>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Library</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+							</array>
+							<key>GID</key>
+							<integer>0</integer>
+							<key>PATH</key>
+							<string>System</string>
+							<key>PATH_TYPE</key>
+							<integer>0</integer>
+							<key>PERMISSIONS</key>
+							<integer>493</integer>
+							<key>TYPE</key>
+							<integer>1</integer>
+							<key>UID</key>
+							<integer>0</integer>
+						</dict>
+						<dict>
+							<key>CHILDREN</key>
+							<array>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Shared</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>1023</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+							</array>
+							<key>GID</key>
+							<integer>80</integer>
+							<key>PATH</key>
+							<string>Users</string>
+							<key>PATH_TYPE</key>
+							<integer>0</integer>
+							<key>PERMISSIONS</key>
+							<integer>493</integer>
+							<key>TYPE</key>
+							<integer>1</integer>
+							<key>UID</key>
+							<integer>0</integer>
+						</dict>
+					</array>
+					<key>GID</key>
+					<integer>0</integer>
+					<key>PATH</key>
+					<string>/</string>
+					<key>PATH_TYPE</key>
+					<integer>0</integer>
+					<key>PERMISSIONS</key>
+					<integer>493</integer>
+					<key>TYPE</key>
+					<integer>1</integer>
+					<key>UID</key>
+					<integer>0</integer>
+				</dict>
+				<key>PAYLOAD_TYPE</key>
 				<integer>0</integer>
+				<key>PRESERVE_EXTENDED_ATTRIBUTES</key>
+				<false/>
+				<key>SHOW_INVISIBLE</key>
+				<false/>
+				<key>SPLIT_FORKS</key>
+				<true/>
+				<key>TREAT_MISSING_FILES_AS_WARNING</key>
+				<false/>
+				<key>VERSION</key>
+				<integer>5</integer>
 			</dict>
-			<key>PAYLOAD_TYPE</key>
-			<integer>0</integer>
-			<key>SHOW_INVISIBLE</key>
-			<false/>
-			<key>SPLIT_FORKS</key>
-			<true/>
-			<key>TREAT_MISSING_FILES_AS_WARNING</key>
-			<false/>
-			<key>VERSION</key>
-			<integer>3</integer>
-		</dict>
-		<key>PACKAGE_SCRIPTS</key>
-		<dict>
-			<key>POSTINSTALL_PATH</key>
+			<key>PACKAGE_SCRIPTS</key>
 			<dict>
-				<key>PATH</key>
-				<string>postinst.sh</string>
-				<key>PATH_TYPE</key>
-				<integer>1</integer>
+				<key>POSTINSTALL_PATH</key>
+				<dict>
+					<key>PATH</key>
+					<string>postinst.sh</string>
+					<key>PATH_TYPE</key>
+					<integer>1</integer>
+				</dict>
+				<key>PREINSTALL_PATH</key>
+				<dict>
+					<key>PATH</key>
+					<string>preinst.sh</string>
+					<key>PATH_TYPE</key>
+					<integer>1</integer>
+				</dict>
+				<key>RESOURCES</key>
+				<array/>
 			</dict>
-			<key>PREINSTALL_PATH</key>
+			<key>PACKAGE_SETTINGS</key>
 			<dict>
-				<key>PATH</key>
-				<string>preinst.sh</string>
-				<key>PATH_TYPE</key>
+				<key>AUTHENTICATION</key>
 				<integer>1</integer>
+				<key>CONCLUSION_ACTION</key>
+				<integer>0</integer>
+				<key>FOLLOW_SYMBOLIC_LINKS</key>
+				<false/>
+				<key>IDENTIFIER</key>
+				<string>com.zerotier.pkg.ZeroTierOne</string>
+				<key>LOCATION</key>
+				<integer>0</integer>
+				<key>NAME</key>
+				<string>ZeroTier One</string>
+				<key>OVERWRITE_PERMISSIONS</key>
+				<false/>
+				<key>PAYLOAD_SIZE</key>
+				<integer>-1</integer>
+				<key>REFERENCE_PATH</key>
+				<string></string>
+				<key>RELOCATABLE</key>
+				<false/>
+				<key>USE_HFS+_COMPRESSION</key>
+				<false/>
+				<key>VERSION</key>
+				<string>1.4.2</string>
 			</dict>
-			<key>RESOURCES</key>
-			<array/>
-		</dict>
-		<key>PACKAGE_SETTINGS</key>
-		<dict>
-			<key>AUTHENTICATION</key>
-			<integer>1</integer>
-			<key>CONCLUSION_ACTION</key>
+			<key>TYPE</key>
 			<integer>0</integer>
-			<key>FOLLOW_SYMBOLIC_LINKS</key>
-			<false/>
-			<key>IDENTIFIER</key>
-			<string>com.zerotier.pkg.ZeroTierOne</string>
-			<key>LOCATION</key>
-			<integer>0</integer>
-			<key>NAME</key>
-			<string></string>
-			<key>OVERWRITE_PERMISSIONS</key>
-			<false/>
-			<key>PAYLOAD_SIZE</key>
-			<integer>-1</integer>
-			<key>RELOCATABLE</key>
-			<false/>
-			<key>USE_HFS+_COMPRESSION</key>
-			<false/>
-			<key>VERSION</key>
-			<string>1.4.2</string>
+			<key>UUID</key>
+			<string>1B6AFC3A-9EA5-4401-83D4-37F06CD13CD6</string>
 		</dict>
+	</array>
+	<key>PROJECT</key>
+	<dict>
 		<key>PROJECT_COMMENTS</key>
 		<dict>
 			<key>NOTES</key>
@@ -701,8 +762,139 @@
 			dG1sPgo=
 			</data>
 		</dict>
+		<key>PROJECT_PRESENTATION</key>
+		<dict>
+			<key>BACKGROUND</key>
+			<dict>
+				<key>APPAREANCES</key>
+				<dict>
+					<key>DARK_AQUA</key>
+					<dict/>
+					<key>LIGHT_AQUA</key>
+					<dict/>
+				</dict>
+				<key>SHARED_SETTINGS_FOR_ALL_APPAREANCES</key>
+				<true/>
+			</dict>
+			<key>INSTALLATION_STEPS</key>
+			<array>
+				<dict>
+					<key>ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS</key>
+					<string>ICPresentationViewIntroductionController</string>
+					<key>INSTALLER_PLUGIN</key>
+					<string>Introduction</string>
+					<key>LIST_TITLE_KEY</key>
+					<string>InstallerSectionTitle</string>
+				</dict>
+				<dict>
+					<key>ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS</key>
+					<string>ICPresentationViewReadMeController</string>
+					<key>INSTALLER_PLUGIN</key>
+					<string>ReadMe</string>
+					<key>LIST_TITLE_KEY</key>
+					<string>InstallerSectionTitle</string>
+				</dict>
+				<dict>
+					<key>ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS</key>
+					<string>ICPresentationViewLicenseController</string>
+					<key>INSTALLER_PLUGIN</key>
+					<string>License</string>
+					<key>LIST_TITLE_KEY</key>
+					<string>InstallerSectionTitle</string>
+				</dict>
+				<dict>
+					<key>ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS</key>
+					<string>ICPresentationViewDestinationSelectController</string>
+					<key>INSTALLER_PLUGIN</key>
+					<string>TargetSelect</string>
+					<key>LIST_TITLE_KEY</key>
+					<string>InstallerSectionTitle</string>
+				</dict>
+				<dict>
+					<key>ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS</key>
+					<string>ICPresentationViewInstallationTypeController</string>
+					<key>INSTALLER_PLUGIN</key>
+					<string>PackageSelection</string>
+					<key>LIST_TITLE_KEY</key>
+					<string>InstallerSectionTitle</string>
+				</dict>
+				<dict>
+					<key>ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS</key>
+					<string>ICPresentationViewInstallationController</string>
+					<key>INSTALLER_PLUGIN</key>
+					<string>Install</string>
+					<key>LIST_TITLE_KEY</key>
+					<string>InstallerSectionTitle</string>
+				</dict>
+				<dict>
+					<key>ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS</key>
+					<string>ICPresentationViewSummaryController</string>
+					<key>INSTALLER_PLUGIN</key>
+					<string>Summary</string>
+					<key>LIST_TITLE_KEY</key>
+					<string>InstallerSectionTitle</string>
+				</dict>
+			</array>
+			<key>INTRODUCTION</key>
+			<dict>
+				<key>LOCALIZATIONS</key>
+				<array/>
+			</dict>
+			<key>LICENSE</key>
+			<dict>
+				<key>LOCALIZATIONS</key>
+				<array/>
+				<key>MODE</key>
+				<integer>0</integer>
+			</dict>
+			<key>README</key>
+			<dict>
+				<key>LOCALIZATIONS</key>
+				<array/>
+			</dict>
+			<key>TITLE</key>
+			<dict>
+				<key>LOCALIZATIONS</key>
+				<array/>
+			</dict>
+		</dict>
+		<key>PROJECT_REQUIREMENTS</key>
+		<dict>
+			<key>LIST</key>
+			<array>
+				<dict>
+					<key>BEHAVIOR</key>
+					<integer>3</integer>
+					<key>DICTIONARY</key>
+					<dict>
+						<key>IC_REQUIREMENT_OS_DISK_TYPE</key>
+						<integer>0</integer>
+						<key>IC_REQUIREMENT_OS_DISTRIBUTION_TYPE</key>
+						<integer>0</integer>
+						<key>IC_REQUIREMENT_OS_MINIMUM_VERSION</key>
+						<integer>100900</integer>
+					</dict>
+					<key>IC_REQUIREMENT_CHECK_TYPE</key>
+					<integer>1</integer>
+					<key>IDENTIFIER</key>
+					<string>fr.whitebox.Packages.requirement.os</string>
+					<key>MESSAGE</key>
+					<array/>
+					<key>NAME</key>
+					<string>Operating System</string>
+					<key>STATE</key>
+					<true/>
+				</dict>
+			</array>
+			<key>RESOURCES</key>
+			<array/>
+			<key>ROOT_VOLUME_ONLY</key>
+			<false/>
+		</dict>
 		<key>PROJECT_SETTINGS</key>
 		<dict>
+			<key>BUILD_FORMAT</key>
+			<integer>0</integer>
 			<key>BUILD_PATH</key>
 			<dict>
 				<key>PATH</key>
@@ -882,10 +1074,17 @@
 			<string>ZeroTier One</string>
 			<key>PAYLOAD_ONLY</key>
 			<false/>
+			<key>TREAT_MISSING_PRESENTATION_DOCUMENTS_AS_WARNING</key>
+			<false/>
 		</dict>
 	</dict>
+	<key>SHARED_GLOBAL_DATA</key>
+	<dict>
+		<key>IC_REQUIREMENT_JAVASCRIPT_SHARED_SOURCE_CODE</key>
+		<string></string>
+	</dict>
 	<key>TYPE</key>
-	<integer>1</integer>
+	<integer>0</integer>
 	<key>VERSION</key>
 	<integer>2</integer>
 </dict>
diff --git a/ext/installfiles/mac/postinst.sh b/ext/installfiles/mac/postinst.sh
index b4ea2ee2..95301a4e 100755
--- a/ext/installfiles/mac/postinst.sh
+++ b/ext/installfiles/mac/postinst.sh
@@ -3,6 +3,7 @@
 export PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin
 
 OSX_RELEASE=`sw_vers -productVersion | cut -d . -f 1,2`
+DARWIN_MAJOR=`uname -r | cut -d . -f 1`
 
 launchctl unload /Library/LaunchDaemons/com.zerotier.one.plist >>/dev/null 2>&1
 sleep 0.5
@@ -43,9 +44,11 @@ rm -f zerotier-cli zerotier-idtool
 ln -sf "/Library/Application Support/ZeroTier/One/zerotier-one" zerotier-cli
 ln -sf "/Library/Application Support/ZeroTier/One/zerotier-one" zerotier-idtool
 
-cd "/Library/Application Support/ZeroTier/One"
-kextload -r . tap.kext >>/dev/null 2>&1 &
-disown %1
+if [ $DARWIN_MAJOR -le 16 ]; then
+	cd "/Library/Application Support/ZeroTier/One"
+	kextload -r . tap.kext >>/dev/null 2>&1 &
+	disown %1
+fi
 
 launchctl load /Library/LaunchDaemons/com.zerotier.one.plist >>/dev/null 2>&1
 
diff --git a/osdep/BSDEthernetTap.hpp b/osdep/BSDEthernetTap.hpp
index deefd5c7..5b1fe2dc 100644
--- a/osdep/BSDEthernetTap.hpp
+++ b/osdep/BSDEthernetTap.hpp
@@ -38,10 +38,11 @@
 #include "../node/MulticastGroup.hpp"
 #include "../node/MAC.hpp"
 #include "Thread.hpp"
+#include "EthernetTap.hpp"
 
 namespace ZeroTier {
 
-class BSDEthernetTap
+class BSDEthernetTap : public EthernetTap
 {
 public:
 	BSDEthernetTap(
@@ -54,18 +55,18 @@ public:
 		void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
 		void *arg);
 
-	~BSDEthernetTap();
+	virtual ~BSDEthernetTap();
 
-	void setEnabled(bool en);
-	bool enabled() const;
-	bool addIp(const InetAddress &ip);
-	bool removeIp(const InetAddress &ip);
-	std::vector<InetAddress> ips() const;
-	void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
-	std::string deviceName() const;
-	void setFriendlyName(const char *friendlyName);
-	void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
-	void setMtu(unsigned int mtu);
+	virtual void setEnabled(bool en);
+	virtual bool enabled() const;
+	virtual bool addIp(const InetAddress &ip);
+	virtual bool removeIp(const InetAddress &ip);
+	virtual std::vector<InetAddress> ips() const;
+	virtual void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
+	virtual std::string deviceName() const;
+	virtual void setFriendlyName(const char *friendlyName);
+	virtual void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
+	virtual void setMtu(unsigned int mtu);
 
 	void threadMain()
 		throw();
diff --git a/osdep/EthernetTap.cpp b/osdep/EthernetTap.cpp
new file mode 100644
index 00000000..a10db55f
--- /dev/null
+++ b/osdep/EthernetTap.cpp
@@ -0,0 +1,117 @@
+/*
+ * ZeroTier One - Network Virtualization Everywhere
+ * Copyright (C) 2011-2019  ZeroTier, Inc.  https://www.zerotier.com/
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * You can be released from the requirements of the license by purchasing
+ * a commercial license. Buying such a license is mandatory as soon as you
+ * develop commercial closed-source software that incorporates or links
+ * directly against ZeroTier software without disclosing the source code
+ * of your own application.
+ */
+
+#include "EthernetTap.hpp"
+#include "OSUtils.hpp"
+
+#include <stdlib.h>
+#include <string.h>
+
+#ifdef __APPLE__
+#include <errno.h>
+#include <sys/sysctl.h>
+#include "MacEthernetTap.hpp"
+#include "MacKextEthernetTap.hpp"
+#endif // __APPLE__
+
+#ifdef __LINUX__
+#include "LinuxEthernetTap.hpp"
+#endif // __LINUX__
+
+#ifdef __WINDOWS__
+#include "WindowsEthernetTap.hpp"
+#endif // __WINDOWS__
+
+#ifdef __FreeBSD__
+#include "BSDEthernetTap.hpp"
+#endif // __FreeBSD__
+
+#ifdef __NetBSD__
+#include "NetBSDEthernetTap.hpp"
+#endif // __NetBSD__
+
+#ifdef __OpenBSD__
+#include "BSDEthernetTap.hpp"
+#endif // __OpenBSD__
+
+namespace ZeroTier {
+
+std::shared_ptr<EthernetTap> EthernetTap::newInstance(
+	const char *tapDeviceType, // OS-specific, NULL for default
+	const char *homePath,
+	const MAC &mac,
+	unsigned int mtu,
+	unsigned int metric,
+	uint64_t nwid,
+	const char *friendlyName,
+	void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
+	void *arg)
+{
+#ifdef __APPLE__
+	char osrelease[256];
+	size_t size = sizeof(osrelease);
+	if (sysctlbyname("kern.osrelease",osrelease,&size,nullptr,0) == 0) {
+		char *dotAt = strchr(osrelease,'.');
+		if (dotAt) {
+			*dotAt = (char)0;
+			// The "feth" virtual Ethernet device type appeared in Darwin 17.x.x. Older versions
+			// (Sierra and earlier) must use the a kernel extension.
+			if (strtol(osrelease,(char **)0,10) < 17) {
+				return std::shared_ptr<EthernetTap>(new MacKextEthernetTap(homePath,mac,mtu,metric,nwid,friendlyName,handler,arg));
+			} else {
+				return std::shared_ptr<EthernetTap>(new MacEthernetTap(homePath,mac,mtu,metric,nwid,friendlyName,handler,arg));
+			}
+		}
+	}
+#endif // __APPLE__
+
+#ifdef __LINUX__
+	return std::shared_ptr<EthernetTap>(new LinuxEthernetTap(homePath,mac,mtu,metric,nwid,friendlyName,handler,arg));
+#endif // __LINUX__
+
+#ifdef __WINDOWS__
+	return std::shared_ptr<EthernetTap>(new WindowsEthernetTap(homePath,mac,mtu,metric,nwid,friendlyName,handler,arg));
+#endif // __WINDOWS__
+
+#ifdef __FreeBSD__
+	return std::shared_ptr<EthernetTap>(new BSDEthernetTap(homePath,mac,mtu,metric,nwid,friendlyName,handler,arg));
+#endif // __FreeBSD__
+
+#ifdef __NetBSD__
+	return std::shared_ptr<EthernetTap>(new NetBSDEthernetTap(homePath,mac,mtu,metric,nwid,friendlyName,handler,arg));
+#endif // __NetBSD__
+
+#ifdef __OpenBSD__
+	return std::shared_ptr<EthernetTap>(new BSDEthernetTap(homePath,mac,mtu,metric,nwid,friendlyName,handler,arg));
+#endif // __OpenBSD__
+
+	return std::shared_ptr<EthernetTap>();
+}
+
+EthernetTap::EthernetTap() {}
+EthernetTap::~EthernetTap() {}
+
+} // namespace ZeroTier
diff --git a/osdep/EthernetTap.hpp b/osdep/EthernetTap.hpp
new file mode 100644
index 00000000..fc8fc848
--- /dev/null
+++ b/osdep/EthernetTap.hpp
@@ -0,0 +1,72 @@
+/*
+ * ZeroTier One - Network Virtualization Everywhere
+ * Copyright (C) 2011-2019  ZeroTier, Inc.  https://www.zerotier.com/
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * You can be released from the requirements of the license by purchasing
+ * a commercial license. Buying such a license is mandatory as soon as you
+ * develop commercial closed-source software that incorporates or links
+ * directly against ZeroTier software without disclosing the source code
+ * of your own application.
+ */
+
+#ifndef ZT_ETHERNETTAP_HPP
+#define ZT_ETHERNETTAP_HPP
+
+#include "../node/Constants.hpp"
+#include "../node/MAC.hpp"
+#include "../node/InetAddress.hpp"
+#include "../node/MulticastGroup.hpp"
+
+#include <string>
+#include <memory>
+#include <vector>
+
+namespace ZeroTier {
+
+class EthernetTap
+{
+public:
+	static std::shared_ptr<EthernetTap> newInstance(
+		const char *tapDeviceType, // OS-specific, NULL for default
+		const char *homePath,
+		const MAC &mac,
+		unsigned int mtu,
+		unsigned int metric,
+		uint64_t nwid,
+		const char *friendlyName,
+		void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
+		void *arg);
+
+	EthernetTap();
+	virtual ~EthernetTap();
+
+	virtual void setEnabled(bool en) = 0;
+	virtual bool enabled() const = 0;
+	virtual bool addIp(const InetAddress &ip) = 0;
+	virtual bool removeIp(const InetAddress &ip) = 0;
+	virtual std::vector<InetAddress> ips() const = 0;
+	virtual void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len) = 0;
+	virtual std::string deviceName() const = 0;
+	virtual void setFriendlyName(const char *friendlyName) = 0;
+	virtual void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed) = 0;
+	virtual void setMtu(unsigned int mtu) = 0;
+};
+
+} // namespace ZeroTier
+
+#endif
diff --git a/osdep/LinuxEthernetTap.cpp b/osdep/LinuxEthernetTap.cpp
index 2ea93dd1..5ed49eef 100644
--- a/osdep/LinuxEthernetTap.cpp
+++ b/osdep/LinuxEthernetTap.cpp
@@ -24,6 +24,17 @@
  * of your own application.
  */
 
+#include "../node/Constants.hpp"
+
+#ifdef __LINUX__
+
+#include "../node/Utils.hpp"
+#include "../node/Mutex.hpp"
+#include "../node/Dictionary.hpp"
+#include "OSUtils.hpp"
+#include "LinuxEthernetTap.hpp"
+#include "LinuxNetLink.hpp"
+
 #include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -50,14 +61,6 @@
 #include <utility>
 #include <string>
 
-#include "../node/Constants.hpp"
-#include "../node/Utils.hpp"
-#include "../node/Mutex.hpp"
-#include "../node/Dictionary.hpp"
-#include "OSUtils.hpp"
-#include "LinuxEthernetTap.hpp"
-#include "LinuxNetLink.hpp"
-
 // ff:ff:ff:ff:ff:ff with no ADI
 static const ZeroTier::MulticastGroup _blindWildcardMulticastGroup(ZeroTier::MAC(0xff),0);
 
@@ -519,3 +522,5 @@ void LinuxEthernetTap::threadMain()
 }
 
 } // namespace ZeroTier
+
+#endif // __LINUX__
diff --git a/osdep/LinuxEthernetTap.hpp b/osdep/LinuxEthernetTap.hpp
index 050bec34..1acecb4b 100644
--- a/osdep/LinuxEthernetTap.hpp
+++ b/osdep/LinuxEthernetTap.hpp
@@ -33,16 +33,15 @@
 #include <string>
 #include <vector>
 #include <stdexcept>
+#include <atomic>
 
 #include "../node/MulticastGroup.hpp"
 #include "Thread.hpp"
+#include "EthernetTap.hpp"
 
 namespace ZeroTier {
 
-/**
- * Linux Ethernet tap using kernel tun/tap driver
- */
-class LinuxEthernetTap
+class LinuxEthernetTap : public EthernetTap
 {
 public:
 	LinuxEthernetTap(
@@ -55,21 +54,21 @@ public:
 		void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
 		void *arg);
 
-	~LinuxEthernetTap();
+	virtual ~LinuxEthernetTap();
 
-	void setEnabled(bool en);
-	bool enabled() const;
-	bool addIp(const InetAddress &ip);
+	virtual void setEnabled(bool en);
+	virtual bool enabled() const;
+	virtual bool addIp(const InetAddress &ip);
 #ifdef __SYNOLOGY__
 	bool addIpSyn(std::vector<InetAddress> ips);
 #endif
-	bool removeIp(const InetAddress &ip);
-	std::vector<InetAddress> ips() const;
-	void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
-	std::string deviceName() const;
-	void setFriendlyName(const char *friendlyName);
-	void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
-	void setMtu(unsigned int mtu);
+	virtual bool removeIp(const InetAddress &ip);
+	virtual std::vector<InetAddress> ips() const;
+	virtual void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
+	virtual std::string deviceName() const;
+	virtual void setFriendlyName(const char *friendlyName);
+	virtual void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
+	virtual void setMtu(unsigned int mtu);
 
 	void threadMain()
 		throw();
@@ -85,7 +84,7 @@ private:
 	unsigned int _mtu;
 	int _fd;
 	int _shutdownSignalPipe[2];
-	volatile bool _enabled;
+	std::atomic_bool _enabled;
 };
 
 } // namespace ZeroTier
diff --git a/osdep/MacEthernetTap.cpp b/osdep/MacEthernetTap.cpp
index a11a75e2..237df470 100644
--- a/osdep/MacEthernetTap.cpp
+++ b/osdep/MacEthernetTap.cpp
@@ -24,6 +24,17 @@
  * of your own application.
  */
 
+#include "../node/Constants.hpp"
+
+#ifdef __APPLE__
+
+#include "../node/Utils.hpp"
+#include "../node/Mutex.hpp"
+#include "../node/Dictionary.hpp"
+#include "OSUtils.hpp"
+#include "MacEthernetTap.hpp"
+#include "MacEthernetTapAgent.h"
+
 #include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -57,14 +68,6 @@
 #include <set>
 #include <algorithm>
 
-#include "../node/Constants.hpp"
-#include "../node/Utils.hpp"
-#include "../node/Mutex.hpp"
-#include "../node/Dictionary.hpp"
-#include "OSUtils.hpp"
-#include "MacEthernetTap.hpp"
-#include "MacEthernetTapAgent.h"
-
 static const ZeroTier::MulticastGroup _blindWildcardMulticastGroup(ZeroTier::MAC(0xff),0);
 
 namespace ZeroTier {
@@ -463,3 +466,5 @@ void MacEthernetTap::threadMain()
 }
 
 } // namespace ZeroTier
+
+#endif // __APPLE__
diff --git a/osdep/MacEthernetTap.hpp b/osdep/MacEthernetTap.hpp
index fb5bc6db..2eef59be 100644
--- a/osdep/MacEthernetTap.hpp
+++ b/osdep/MacEthernetTap.hpp
@@ -27,24 +27,24 @@
 #ifndef ZT_OSXETHERNETTAP_HPP
 #define ZT_OSXETHERNETTAP_HPP
 
-#include <stdio.h>
-#include <stdlib.h>
-
-#include <stdexcept>
-#include <string>
-#include <vector>
-
 #include "../node/Constants.hpp"
 #include "../node/MAC.hpp"
 #include "../node/InetAddress.hpp"
 #include "../node/MulticastGroup.hpp"
 #include "../node/Mutex.hpp"
-
 #include "Thread.hpp"
+#include "EthernetTap.hpp"
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <stdexcept>
+#include <string>
+#include <vector>
 
 namespace ZeroTier {
 
-class MacEthernetTap
+class MacEthernetTap : public EthernetTap
 {
 public:
 	MacEthernetTap(
@@ -57,18 +57,18 @@ public:
 		void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
 		void *arg);
 
-	~MacEthernetTap();
+	virtual ~MacEthernetTap();
 
-	void setEnabled(bool en);
-	bool enabled() const;
-	bool addIp(const InetAddress &ip);
-	bool removeIp(const InetAddress &ip);
-	std::vector<InetAddress> ips() const;
-	void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
-	std::string deviceName() const;
-	void setFriendlyName(const char *friendlyName);
-	void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
-	void setMtu(unsigned int mtu);
+	virtual void setEnabled(bool en);
+	virtual bool enabled() const;
+	virtual bool addIp(const InetAddress &ip);
+	virtual bool removeIp(const InetAddress &ip);
+	virtual std::vector<InetAddress> ips() const;
+	virtual void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
+	virtual std::string deviceName() const;
+	virtual void setFriendlyName(const char *friendlyName);
+	virtual void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
+	virtual void setMtu(unsigned int mtu);
 
 	void threadMain()
 		throw();
diff --git a/osdep/MacKextEthernetTap.cpp b/osdep/MacKextEthernetTap.cpp
new file mode 100644
index 00000000..4f0520a6
--- /dev/null
+++ b/osdep/MacKextEthernetTap.cpp
@@ -0,0 +1,703 @@
+/*
+ * ZeroTier One - Network Virtualization Everywhere
+ * Copyright (C) 2011-2018  ZeroTier, Inc.  https://www.zerotier.com/
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * You can be released from the requirements of the license by purchasing
+ * a commercial license. Buying such a license is mandatory as soon as you
+ * develop commercial closed-source software that incorporates or links
+ * directly against ZeroTier software without disclosing the source code
+ * of your own application.
+ */
+
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+
+#include <unistd.h>
+#include <signal.h>
+
+#include <fcntl.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/ioctl.h>
+#include <sys/wait.h>
+#include <sys/select.h>
+#include <sys/cdefs.h>
+#include <sys/uio.h>
+#include <sys/param.h>
+#include <sys/ioctl.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <net/route.h>
+#include <net/if.h>
+#include <net/if_arp.h>
+#include <net/if_dl.h>
+#include <net/if_media.h>
+#include <sys/sysctl.h>
+#include <netinet6/in6_var.h>
+#include <netinet/in_var.h>
+#include <netinet/icmp6.h>
+
+// OSX compile fix... in6_var defines this in a struct which namespaces it for C++ ... why?!?
+struct prf_ra {
+	u_char onlink : 1;
+	u_char autonomous : 1;
+	u_char reserved : 6;
+} prf_ra;
+
+#include <netinet6/nd6.h>
+#include <ifaddrs.h>
+
+// These are KERNEL_PRIVATE... why?
+#ifndef SIOCAUTOCONF_START
+#define SIOCAUTOCONF_START _IOWR('i', 132, struct in6_ifreq)    /* accept rtadvd on this interface */
+#endif
+#ifndef SIOCAUTOCONF_STOP
+#define SIOCAUTOCONF_STOP _IOWR('i', 133, struct in6_ifreq)    /* stop accepting rtadv for this interface */
+#endif
+
+// --------------------------------------------------------------------------
+// --------------------------------------------------------------------------
+// This source is from:
+// http://www.opensource.apple.com/source/Libinfo/Libinfo-406.17/gen.subproj/getifmaddrs.c?txt
+// It's here because OSX 10.6 does not have this convenience function.
+
+#define	SALIGN	(sizeof(uint32_t) - 1)
+#define	SA_RLEN(sa)	((sa)->sa_len ? (((sa)->sa_len + SALIGN) & ~SALIGN) : \
+(SALIGN + 1))
+#define	MAX_SYSCTL_TRY	5
+#define	RTA_MASKS	(RTA_GATEWAY | RTA_IFP | RTA_IFA)
+
+/* FreeBSD uses NET_RT_IFMALIST and RTM_NEWMADDR from <sys/socket.h> */
+/* We can use NET_RT_IFLIST2 and RTM_NEWMADDR2 on Darwin */
+//#define DARWIN_COMPAT
+
+//#ifdef DARWIN_COMPAT
+#define GIM_SYSCTL_MIB NET_RT_IFLIST2
+#define GIM_RTM_ADDR RTM_NEWMADDR2
+//#else
+//#define GIM_SYSCTL_MIB NET_RT_IFMALIST
+//#define GIM_RTM_ADDR RTM_NEWMADDR
+//#endif
+
+// Not in 10.6 includes so use our own
+struct _intl_ifmaddrs {
+	struct _intl_ifmaddrs *ifma_next;
+	struct sockaddr *ifma_name;
+	struct sockaddr *ifma_addr;
+	struct sockaddr *ifma_lladdr;
+};
+
+static inline int _intl_getifmaddrs(struct _intl_ifmaddrs **pif)
+{
+	int icnt = 1;
+	int dcnt = 0;
+	int ntry = 0;
+	size_t len;
+	size_t needed;
+	int mib[6];
+	int i;
+	char *buf;
+	char *data;
+	char *next;
+	char *p;
+	struct ifma_msghdr2 *ifmam;
+	struct _intl_ifmaddrs *ifa, *ift;
+	struct rt_msghdr *rtm;
+	struct sockaddr *sa;
+
+	mib[0] = CTL_NET;
+	mib[1] = PF_ROUTE;
+	mib[2] = 0;             /* protocol */
+	mib[3] = 0;             /* wildcard address family */
+	mib[4] = GIM_SYSCTL_MIB;
+	mib[5] = 0;             /* no flags */
+	do {
+		if (sysctl(mib, 6, NULL, &needed, NULL, 0) < 0)
+			return (-1);
+		if ((buf = (char *)malloc(needed)) == NULL)
+			return (-1);
+		if (sysctl(mib, 6, buf, &needed, NULL, 0) < 0) {
+			if (errno != ENOMEM || ++ntry >= MAX_SYSCTL_TRY) {
+				free(buf);
+				return (-1);
+			}
+			free(buf);
+			buf = NULL;
+		}
+	} while (buf == NULL);
+
+	for (next = buf; next < buf + needed; next += rtm->rtm_msglen) {
+		rtm = (struct rt_msghdr *)(void *)next;
+		if (rtm->rtm_version != RTM_VERSION)
+			continue;
+		switch (rtm->rtm_type) {
+			case GIM_RTM_ADDR:
+				ifmam = (struct ifma_msghdr2 *)(void *)rtm;
+				if ((ifmam->ifmam_addrs & RTA_IFA) == 0)
+					break;
+				icnt++;
+				p = (char *)(ifmam + 1);
+				for (i = 0; i < RTAX_MAX; i++) {
+					if ((RTA_MASKS & ifmam->ifmam_addrs &
+						 (1 << i)) == 0)
+						continue;
+					sa = (struct sockaddr *)(void *)p;
+					len = SA_RLEN(sa);
+					dcnt += len;
+					p += len;
+				}
+				break;
+		}
+	}
+
+	data = (char *)malloc(sizeof(struct _intl_ifmaddrs) * icnt + dcnt);
+	if (data == NULL) {
+		free(buf);
+		return (-1);
+	}
+
+	ifa = (struct _intl_ifmaddrs *)(void *)data;
+	data += sizeof(struct _intl_ifmaddrs) * icnt;
+
+	memset(ifa, 0, sizeof(struct _intl_ifmaddrs) * icnt);
+	ift = ifa;
+
+	for (next = buf; next < buf + needed; next += rtm->rtm_msglen) {
+		rtm = (struct rt_msghdr *)(void *)next;
+		if (rtm->rtm_version != RTM_VERSION)
+			continue;
+
+		switch (rtm->rtm_type) {
+			case GIM_RTM_ADDR:
+				ifmam = (struct ifma_msghdr2 *)(void *)rtm;
+				if ((ifmam->ifmam_addrs & RTA_IFA) == 0)
+					break;
+
+				p = (char *)(ifmam + 1);
+				for (i = 0; i < RTAX_MAX; i++) {
+					if ((RTA_MASKS & ifmam->ifmam_addrs &
+						 (1 << i)) == 0)
+						continue;
+					sa = (struct sockaddr *)(void *)p;
+					len = SA_RLEN(sa);
+					switch (i) {
+						case RTAX_GATEWAY:
+							ift->ifma_lladdr =
+							(struct sockaddr *)(void *)data;
+							memcpy(data, p, len);
+							data += len;
+							break;
+
+						case RTAX_IFP:
+							ift->ifma_name =
+							(struct sockaddr *)(void *)data;
+							memcpy(data, p, len);
+							data += len;
+							break;
+
+						case RTAX_IFA:
+							ift->ifma_addr =
+							(struct sockaddr *)(void *)data;
+							memcpy(data, p, len);
+							data += len;
+							break;
+
+						default:
+							data += len;
+							break;
+					}
+					p += len;
+				}
+				ift->ifma_next = ift + 1;
+				ift = ift->ifma_next;
+				break;
+		}
+	}
+
+	free(buf);
+
+	if (ift > ifa) {
+		ift--;
+		ift->ifma_next = NULL;
+		*pif = ifa;
+	} else {
+		*pif = NULL;
+		free(ifa);
+	}
+	return (0);
+}
+
+static inline void _intl_freeifmaddrs(struct _intl_ifmaddrs *ifmp)
+{
+	free(ifmp);
+}
+
+// --------------------------------------------------------------------------
+// --------------------------------------------------------------------------
+
+#include <string>
+#include <map>
+#include <set>
+#include <algorithm>
+
+#include "../node/Constants.hpp"
+#include "../node/Utils.hpp"
+#include "../node/Mutex.hpp"
+#include "../node/Dictionary.hpp"
+#include "OSUtils.hpp"
+#include "MacKextEthernetTap.hpp"
+
+// ff:ff:ff:ff:ff:ff with no ADI
+static const ZeroTier::MulticastGroup _blindWildcardMulticastGroup(ZeroTier::MAC(0xff),0);
+
+static inline bool _setIpv6Stuff(const char *ifname,bool performNUD,bool acceptRouterAdverts)
+{
+	struct in6_ndireq nd;
+	struct in6_ifreq ifr;
+
+	int s = socket(AF_INET6,SOCK_DGRAM,0);
+	if (s <= 0)
+		return false;
+
+	memset(&nd,0,sizeof(nd));
+	strncpy(nd.ifname,ifname,sizeof(nd.ifname));
+
+	if (ioctl(s,SIOCGIFINFO_IN6,&nd)) {
+		close(s);
+		return false;
+	}
+
+	unsigned long oldFlags = (unsigned long)nd.ndi.flags;
+
+	if (performNUD)
+		nd.ndi.flags |= ND6_IFF_PERFORMNUD;
+	else nd.ndi.flags &= ~ND6_IFF_PERFORMNUD;
+
+	if (oldFlags != (unsigned long)nd.ndi.flags) {
+		if (ioctl(s,SIOCSIFINFO_FLAGS,&nd)) {
+			close(s);
+			return false;
+		}
+	}
+
+	memset(&ifr,0,sizeof(ifr));
+	strncpy(ifr.ifr_name,ifname,sizeof(ifr.ifr_name));
+	if (ioctl(s,acceptRouterAdverts ? SIOCAUTOCONF_START : SIOCAUTOCONF_STOP,&ifr)) {
+		close(s);
+		return false;
+	}
+
+	close(s);
+	return true;
+}
+
+namespace ZeroTier {
+
+static long globalTapsRunning = 0;
+static Mutex globalTapCreateLock;
+
+MacKextEthernetTap::MacKextEthernetTap(
+	const char *homePath,
+	const MAC &mac,
+	unsigned int mtu,
+	unsigned int metric,
+	uint64_t nwid,
+	const char *friendlyName,
+	void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *data,unsigned int len),
+	void *arg) :
+	_handler(handler),
+	_arg(arg),
+	_nwid(nwid),
+	_homePath(homePath),
+	_mtu(mtu),
+	_metric(metric),
+	_fd(0),
+	_enabled(true)
+{
+	char devpath[64],ethaddr[64],mtustr[32],metstr[32],nwids[32];
+	struct stat stattmp;
+
+	OSUtils::ztsnprintf(nwids,sizeof(nwids),"%.16llx",nwid);
+
+	Mutex::Lock _gl(globalTapCreateLock);
+
+	if (::stat("/dev/zt0",&stattmp)) {
+		long kextpid = (long)vfork();
+		if (kextpid == 0) {
+			::chdir(homePath);
+			OSUtils::redirectUnixOutputs("/dev/null",(const char *)0);
+			::execl("/sbin/kextload","/sbin/kextload","-q","-repository",homePath,"tap.kext",(const char *)0);
+			::_exit(-1);
+		} else if (kextpid > 0) {
+			int exitcode = -1;
+			::waitpid(kextpid,&exitcode,0);
+		}
+		::usleep(500); // give tap device driver time to start up and try again
+		if (::stat("/dev/zt0",&stattmp))
+			throw std::runtime_error("/dev/zt# tap devices do not exist and cannot load tap.kext");
+	}
+
+	// Try to reopen the last device we had, if we had one and it's still unused.
+	std::map<std::string,std::string> globalDeviceMap;
+	FILE *devmapf = fopen((_homePath + ZT_PATH_SEPARATOR_S + "devicemap").c_str(),"r");
+	if (devmapf) {
+		char buf[256];
+		while (fgets(buf,sizeof(buf),devmapf)) {
+			char *x = (char *)0;
+			char *y = (char *)0;
+			char *saveptr = (char *)0;
+			for(char *f=Utils::stok(buf,"\r\n=",&saveptr);(f);f=Utils::stok((char *)0,"\r\n=",&saveptr)) {
+				if (!x) x = f;
+				else if (!y) y = f;
+				else break;
+			}
+			if ((x)&&(y)&&(x[0])&&(y[0]))
+				globalDeviceMap[x] = y;
+		}
+		fclose(devmapf);
+	}
+	bool recalledDevice = false;
+	std::map<std::string,std::string>::const_iterator gdmEntry = globalDeviceMap.find(nwids);
+	if (gdmEntry != globalDeviceMap.end()) {
+		std::string devpath("/dev/"); devpath.append(gdmEntry->second);
+		if (stat(devpath.c_str(),&stattmp) == 0) {
+			_fd = ::open(devpath.c_str(),O_RDWR);
+			if (_fd > 0) {
+				_dev = gdmEntry->second;
+				recalledDevice = true;
+			}
+		}
+	}
+
+	// Open the first unused tap device if we didn't recall a previous one.
+	if (!recalledDevice) {
+		for(int i=0;i<64;++i) {
+			OSUtils::ztsnprintf(devpath,sizeof(devpath),"/dev/zt%d",i);
+			if (stat(devpath,&stattmp))
+				throw std::runtime_error("no more TAP devices available");
+			_fd = ::open(devpath,O_RDWR);
+			if (_fd > 0) {
+				char foo[16];
+				OSUtils::ztsnprintf(foo,sizeof(foo),"zt%d",i);
+				_dev = foo;
+				break;
+			}
+		}
+	}
+
+	if (_fd <= 0)
+		throw std::runtime_error("unable to open TAP device or no more devices available");
+
+	if (fcntl(_fd,F_SETFL,fcntl(_fd,F_GETFL) & ~O_NONBLOCK) == -1) {
+		::close(_fd);
+		throw std::runtime_error("unable to set flags on file descriptor for TAP device");
+	}
+
+	// Configure MAC address and MTU, bring interface up
+	OSUtils::ztsnprintf(ethaddr,sizeof(ethaddr),"%.2x:%.2x:%.2x:%.2x:%.2x:%.2x",(int)mac[0],(int)mac[1],(int)mac[2],(int)mac[3],(int)mac[4],(int)mac[5]);
+	OSUtils::ztsnprintf(mtustr,sizeof(mtustr),"%u",_mtu);
+	OSUtils::ztsnprintf(metstr,sizeof(metstr),"%u",_metric);
+	long cpid = (long)vfork();
+	if (cpid == 0) {
+		::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"lladdr",ethaddr,"mtu",mtustr,"metric",metstr,"up",(const char *)0);
+		::_exit(-1);
+	} else if (cpid > 0) {
+		int exitcode = -1;
+		::waitpid(cpid,&exitcode,0);
+		if (exitcode) {
+			::close(_fd);
+			throw std::runtime_error("ifconfig failure setting link-layer address and activating tap interface");
+		}
+	}
+
+	_setIpv6Stuff(_dev.c_str(),true,false);
+
+	// Set close-on-exec so that devices cannot persist if we fork/exec for update
+	fcntl(_fd,F_SETFD,fcntl(_fd,F_GETFD) | FD_CLOEXEC);
+
+	::pipe(_shutdownSignalPipe);
+
+	++globalTapsRunning;
+
+	globalDeviceMap[nwids] = _dev;
+	devmapf = fopen((_homePath + ZT_PATH_SEPARATOR_S + "devicemap").c_str(),"w");
+	if (devmapf) {
+		gdmEntry = globalDeviceMap.begin();
+		while (gdmEntry != globalDeviceMap.end()) {
+			fprintf(devmapf,"%s=%s\n",gdmEntry->first.c_str(),gdmEntry->second.c_str());
+			++gdmEntry;
+		}
+		fclose(devmapf);
+	}
+
+	_thread = Thread::start(this);
+}
+
+MacKextEthernetTap::~MacKextEthernetTap()
+{
+	::write(_shutdownSignalPipe[1],"\0",1); // causes thread to exit
+	Thread::join(_thread);
+
+	::close(_fd);
+	::close(_shutdownSignalPipe[0]);
+	::close(_shutdownSignalPipe[1]);
+
+	{
+		Mutex::Lock _gl(globalTapCreateLock);
+		if (--globalTapsRunning <= 0) {
+			globalTapsRunning = 0; // sanity check -- should not be possible
+
+			char tmp[16384];
+			sprintf(tmp,"%s/%s",_homePath.c_str(),"tap.kext");
+			long kextpid = (long)vfork();
+			if (kextpid == 0) {
+				OSUtils::redirectUnixOutputs("/dev/null",(const char *)0);
+				::execl("/sbin/kextunload","/sbin/kextunload",tmp,(const char *)0);
+				::_exit(-1);
+			} else if (kextpid > 0) {
+				int exitcode = -1;
+				::waitpid(kextpid,&exitcode,0);
+			}
+		}
+	}
+}
+
+void MacKextEthernetTap::setEnabled(bool en)
+{
+	_enabled = en;
+	// TODO: interface status change
+}
+
+bool MacKextEthernetTap::enabled() const
+{
+	return _enabled;
+}
+
+bool MacKextEthernetTap::addIp(const InetAddress &ip)
+{
+	if (!ip)
+		return false;
+
+	long cpid = (long)vfork();
+	if (cpid == 0) {
+		char tmp[128];
+		::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),(ip.ss_family == AF_INET6) ? "inet6" : "inet",ip.toString(tmp),"alias",(const char *)0);
+		::_exit(-1);
+	} else if (cpid > 0) {
+		int exitcode = -1;
+		::waitpid(cpid,&exitcode,0);
+		return (exitcode == 0);
+	} // else return false...
+
+	return false;
+}
+
+bool MacKextEthernetTap::removeIp(const InetAddress &ip)
+{
+	if (!ip)
+		return true;
+	std::vector<InetAddress> allIps(ips());
+	for(std::vector<InetAddress>::iterator i(allIps.begin());i!=allIps.end();++i) {
+		if (*i == ip) {
+			long cpid = (long)vfork();
+			if (cpid == 0) {
+				char tmp[128];
+				execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),(ip.ss_family == AF_INET6) ? "inet6" : "inet",ip.toIpString(tmp),"-alias",(const char *)0);
+				_exit(-1);
+			} else if (cpid > 0) {
+				int exitcode = -1;
+				waitpid(cpid,&exitcode,0);
+				return (exitcode == 0);
+			}
+		}
+	}
+	return false;
+}
+
+std::vector<InetAddress> MacKextEthernetTap::ips() const
+{
+	struct ifaddrs *ifa = (struct ifaddrs *)0;
+	if (getifaddrs(&ifa))
+		return std::vector<InetAddress>();
+
+	std::vector<InetAddress> r;
+
+	struct ifaddrs *p = ifa;
+	while (p) {
+		if ((!strcmp(p->ifa_name,_dev.c_str()))&&(p->ifa_addr)&&(p->ifa_netmask)&&(p->ifa_addr->sa_family == p->ifa_netmask->sa_family)) {
+			switch(p->ifa_addr->sa_family) {
+				case AF_INET: {
+					struct sockaddr_in *sin = (struct sockaddr_in *)p->ifa_addr;
+					struct sockaddr_in *nm = (struct sockaddr_in *)p->ifa_netmask;
+					r.push_back(InetAddress(&(sin->sin_addr.s_addr),4,Utils::countBits((uint32_t)nm->sin_addr.s_addr)));
+				}	break;
+				case AF_INET6: {
+					struct sockaddr_in6 *sin = (struct sockaddr_in6 *)p->ifa_addr;
+					struct sockaddr_in6 *nm = (struct sockaddr_in6 *)p->ifa_netmask;
+					uint32_t b[4];
+					memcpy(b,nm->sin6_addr.s6_addr,sizeof(b));
+					r.push_back(InetAddress(sin->sin6_addr.s6_addr,16,Utils::countBits(b[0]) + Utils::countBits(b[1]) + Utils::countBits(b[2]) + Utils::countBits(b[3])));
+				}	break;
+			}
+		}
+		p = p->ifa_next;
+	}
+
+	if (ifa)
+		freeifaddrs(ifa);
+
+	std::sort(r.begin(),r.end());
+	r.erase(std::unique(r.begin(),r.end()),r.end());
+
+	return r;
+}
+
+void MacKextEthernetTap::put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len)
+{
+	char putBuf[ZT_MAX_MTU + 64];
+	if ((_fd > 0)&&(len <= _mtu)&&(_enabled)) {
+		to.copyTo(putBuf,6);
+		from.copyTo(putBuf + 6,6);
+		*((uint16_t *)(putBuf + 12)) = htons((uint16_t)etherType);
+		memcpy(putBuf + 14,data,len);
+		len += 14;
+		::write(_fd,putBuf,len);
+	}
+}
+
+std::string MacKextEthernetTap::deviceName() const
+{
+	return _dev;
+}
+
+void MacKextEthernetTap::setFriendlyName(const char *friendlyName)
+{
+}
+
+void MacKextEthernetTap::scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed)
+{
+	std::vector<MulticastGroup> newGroups;
+
+	struct _intl_ifmaddrs *ifmap = (struct _intl_ifmaddrs *)0;
+	if (!_intl_getifmaddrs(&ifmap)) {
+		struct _intl_ifmaddrs *p = ifmap;
+		while (p) {
+			if (p->ifma_addr->sa_family == AF_LINK) {
+				struct sockaddr_dl *in = (struct sockaddr_dl *)p->ifma_name;
+				struct sockaddr_dl *la = (struct sockaddr_dl *)p->ifma_addr;
+				if ((la->sdl_alen == 6)&&(in->sdl_nlen <= _dev.length())&&(!memcmp(_dev.data(),in->sdl_data,in->sdl_nlen)))
+					newGroups.push_back(MulticastGroup(MAC(la->sdl_data + la->sdl_nlen,6),0));
+			}
+			p = p->ifma_next;
+		}
+		_intl_freeifmaddrs(ifmap);
+	}
+
+	std::vector<InetAddress> allIps(ips());
+	for(std::vector<InetAddress>::iterator ip(allIps.begin());ip!=allIps.end();++ip)
+		newGroups.push_back(MulticastGroup::deriveMulticastGroupForAddressResolution(*ip));
+
+	std::sort(newGroups.begin(),newGroups.end());
+	std::unique(newGroups.begin(),newGroups.end());
+
+	for(std::vector<MulticastGroup>::iterator m(newGroups.begin());m!=newGroups.end();++m) {
+		if (!std::binary_search(_multicastGroups.begin(),_multicastGroups.end(),*m))
+			added.push_back(*m);
+	}
+	for(std::vector<MulticastGroup>::iterator m(_multicastGroups.begin());m!=_multicastGroups.end();++m) {
+		if (!std::binary_search(newGroups.begin(),newGroups.end(),*m))
+			removed.push_back(*m);
+	}
+
+	_multicastGroups.swap(newGroups);
+}
+
+void MacKextEthernetTap::setMtu(unsigned int mtu)
+{
+	if (mtu != _mtu) {
+		_mtu = mtu;
+		long cpid = (long)vfork();
+		if (cpid == 0) {
+			char tmp[64];
+			OSUtils::ztsnprintf(tmp,sizeof(tmp),"%u",mtu);
+			execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"mtu",tmp,(const char *)0);
+			_exit(-1);
+		} else if (cpid > 0) {
+			int exitcode = -1;
+			waitpid(cpid,&exitcode,0);
+		}
+	}
+}
+
+void MacKextEthernetTap::threadMain()
+	throw()
+{
+	fd_set readfds,nullfds;
+	MAC to,from;
+	int n,nfds,r;
+	char getBuf[ZT_MAX_MTU + 64];
+
+	Thread::sleep(500);
+
+	FD_ZERO(&readfds);
+	FD_ZERO(&nullfds);
+	nfds = (int)std::max(_shutdownSignalPipe[0],_fd) + 1;
+
+	r = 0;
+	for(;;) {
+		FD_SET(_shutdownSignalPipe[0],&readfds);
+		FD_SET(_fd,&readfds);
+		select(nfds,&readfds,&nullfds,&nullfds,(struct timeval *)0);
+
+		if (FD_ISSET(_shutdownSignalPipe[0],&readfds)) // writes to shutdown pipe terminate thread
+			break;
+
+		if (FD_ISSET(_fd,&readfds)) {
+			n = (int)::read(_fd,getBuf + r,sizeof(getBuf) - r);
+			if (n < 0) {
+				if ((errno != EINTR)&&(errno != ETIMEDOUT))
+					break;
+			} else {
+				// Some tap drivers like to send the ethernet frame and the
+				// payload in two chunks, so handle that by accumulating
+				// data until we have at least a frame.
+				r += n;
+				if (r > 14) {
+					if (r > ((int)_mtu + 14)) // sanity check for weird TAP behavior on some platforms
+						r = _mtu + 14;
+
+					if (_enabled) {
+						to.setTo(getBuf,6);
+						from.setTo(getBuf + 6,6);
+						unsigned int etherType = ntohs(((const uint16_t *)getBuf)[6]);
+						// TODO: VLAN support
+						_handler(_arg,(void *)0,_nwid,from,to,etherType,0,(const void *)(getBuf + 14),r - 14);
+					}
+
+					r = 0;
+				}
+			}
+		}
+	}
+}
+
+} // namespace ZeroTier
diff --git a/osdep/MacKextEthernetTap.hpp b/osdep/MacKextEthernetTap.hpp
new file mode 100644
index 00000000..fbf2694b
--- /dev/null
+++ b/osdep/MacKextEthernetTap.hpp
@@ -0,0 +1,93 @@
+/*
+ * ZeroTier One - Network Virtualization Everywhere
+ * Copyright (C) 2011-2018  ZeroTier, Inc.  https://www.zerotier.com/
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * You can be released from the requirements of the license by purchasing
+ * a commercial license. Buying such a license is mandatory as soon as you
+ * develop commercial closed-source software that incorporates or links
+ * directly against ZeroTier software without disclosing the source code
+ * of your own application.
+ */
+
+#ifndef ZT_MacKextEthernetTap_HPP
+#define ZT_MacKextEthernetTap_HPP
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <stdexcept>
+#include <string>
+#include <vector>
+
+#include "../node/Constants.hpp"
+#include "../node/MAC.hpp"
+#include "../node/InetAddress.hpp"
+#include "../node/MulticastGroup.hpp"
+
+#include "Thread.hpp"
+#include "EthernetTap.hpp"
+
+namespace ZeroTier {
+
+class MacKextEthernetTap : public EthernetTap
+{
+public:
+	MacKextEthernetTap(
+		const char *homePath,
+		const MAC &mac,
+		unsigned int mtu,
+		unsigned int metric,
+		uint64_t nwid,
+		const char *friendlyName,
+		void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
+		void *arg);
+
+	virtual ~MacKextEthernetTap();
+
+	virtual void setEnabled(bool en);
+	virtual bool enabled() const;
+	virtual bool addIp(const InetAddress &ip);
+	virtual bool removeIp(const InetAddress &ip);
+	virtual std::vector<InetAddress> ips() const;
+	virtual void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
+	virtual std::string deviceName() const;
+	virtual void setFriendlyName(const char *friendlyName);
+	virtual void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
+	virtual void setMtu(unsigned int mtu);
+
+	void threadMain()
+		throw();
+
+private:
+	void (*_handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int);
+	void *_arg;
+	uint64_t _nwid;
+	Thread _thread;
+	std::string _homePath;
+	std::string _dev;
+	std::vector<MulticastGroup> _multicastGroups;
+	unsigned int _mtu;
+	unsigned int _metric;
+	int _fd;
+	int _shutdownSignalPipe[2];
+	volatile bool _enabled;
+};
+
+} // namespace ZeroTier
+
+#endif
diff --git a/osdep/NetBSDEthernetTap.hpp b/osdep/NetBSDEthernetTap.hpp
index 32b6dfa6..a174816e 100644
--- a/osdep/NetBSDEthernetTap.hpp
+++ b/osdep/NetBSDEthernetTap.hpp
@@ -38,10 +38,11 @@
 #include "../node/MulticastGroup.hpp"
 #include "../node/MAC.hpp"
 #include "Thread.hpp"
+#include "EthernetTap.hpp"
 
 namespace ZeroTier {
 
-class NetBSDEthernetTap
+class NetBSDEthernetTap : public EthernetTap
 {
 public:
 	NetBSDEthernetTap(
@@ -54,17 +55,17 @@ public:
 		void (*handler)(void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
 		void *arg);
 
-	~NetBSDEthernetTap();
+	virtual ~NetBSDEthernetTap();
 
-	void setEnabled(bool en);
-	bool enabled() const;
-	bool addIp(const InetAddress &ip);
-	bool removeIp(const InetAddress &ip);
-	std::vector<InetAddress> ips() const;
-	void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
-	std::string deviceName() const;
-	void setFriendlyName(const char *friendlyName);
-	void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
+	virtual void setEnabled(bool en);
+	virtual bool enabled() const;
+	virtual bool addIp(const InetAddress &ip);
+	virtual bool removeIp(const InetAddress &ip);
+	virtual std::vector<InetAddress> ips() const;
+	virtual void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
+	virtual std::string deviceName() const;
+	virtual void setFriendlyName(const char *friendlyName);
+	virtual void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
 
 	void threadMain()
 		throw();
diff --git a/osdep/TestEthernetTap.hpp b/osdep/TestEthernetTap.hpp
deleted file mode 100644
index 6b44d48e..00000000
--- a/osdep/TestEthernetTap.hpp
+++ /dev/null
@@ -1,161 +0,0 @@
-/*
- * ZeroTier One - Network Virtualization Everywhere
- * Copyright (C) 2011-2019  ZeroTier, Inc.  https://www.zerotier.com/
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * --
- *
- * You can be released from the requirements of the license by purchasing
- * a commercial license. Buying such a license is mandatory as soon as you
- * develop commercial closed-source software that incorporates or links
- * directly against ZeroTier software without disclosing the source code
- * of your own application.
- */
-
-#ifndef ZT_TESTETHERNETTAP_HPP
-#define ZT_TESTETHERNETTAP_HPP
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <stdint.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-
-#include <string>
-#include <vector>
-#include <stdexcept>
-#include <set>
-
-#include "../node/Constants.hpp"
-#include "../node/InetAddress.hpp"
-#include "../node/MulticastGroup.hpp"
-#include "../node/Mutex.hpp"
-#include "../node/Utils.hpp"
-#include "../osdep/OSUtils.hpp"
-
-namespace ZeroTier {
-
-/**
- * Dummy test Ethernet tap that does not actually open a device on the system
- */
-class TestEthernetTap
-{
-public:
-	TestEthernetTap(
-		const char *homePath,
-		const MAC &mac,
-		unsigned int mtu,
-		unsigned int metric,
-		uint64_t nwid,
-		const char *friendlyName,
-		void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
-		void *arg) :
-		_nwid(nwid),
-		_dev("zt_test_"),
-		_enabled(true)
-	{
-		char tmp[32];
-		OSUtils::ztsnprintf(tmp,sizeof(tmp),"%.16llx",(unsigned long long)_nwid);
-		_dev.append(tmp);
-#ifdef ZT_TEST_TAP_REPORT_TO
-		_reportTo.fromString(ZT_TEST_TAP_REPORT_TO);
-		if (_reportTo.ss_family == AF_INET)
-			_reportsock = socket(AF_INET,SOCK_DGRAM,0);
-		else if (_reportTo.ss_family == AF_INET6)
-			_reportsock = socket(AF_INET6,SOCK_DGRAM,0);
-		else _reportsock = -1;
-#endif
-	}
-
-	~TestEthernetTap()
-	{
-#ifdef ZT_TEST_TAP_REPORT_TO
-		if (_reportsock >= 0)
-			close(_reportsock);
-#endif
-	}
-
-	inline void setEnabled(bool en) { _enabled = en; }
-	inline bool enabled() const { return _enabled; }
-
-	inline bool addIp(const InetAddress &ip)
-	{
-		Mutex::Lock _l(_lock);
-		_ips.insert(ip);
-		return true;
-	}
-
-	inline bool removeIp(const InetAddress &ip)
-	{
-		Mutex::Lock _l(_lock);
-		_ips.erase(ip);
-		return true;
-	}
-
-	inline std::vector<InetAddress> ips() const
-	{
-		Mutex::Lock _l(_lock);
-		return std::vector<InetAddress>(_ips.begin(),_ips.end());
-	}
-
-	inline void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len)
-	{
-#ifdef ZT_TEST_TAP_REPORT_TO
-		char tmp[10000];
-		if ((_reportsock >= 0)&&(len < (sizeof(tmp) - 22))) {
-			const uint64_t nwid2 = Utils::hton(_nwid);
-			memcpy(tmp,&nwid2,8);
-			from.copyTo(tmp + 8,6);
-			to.copyTo(tmp + 14,6);
-			const uint16_t etherType2 = Utils::hton((uint16_t)etherType);
-			memcpy(tmp + 20,&etherType2,2);
-			memcpy(tmp + 22,data,len);
-			sendto(_reportsock,tmp,len + 22,0,reinterpret_cast<const struct sockaddr *>(&_reportTo),(_reportTo.ss_family == AF_INET) ? sizeof(struct sockaddr_in) : sizeof(struct sockaddr_in6));
-		}
-#endif
-	}
-
-	inline std::string deviceName() const
-	{
-		return _dev;
-	}
-
-	inline void setFriendlyName(const char *friendlyName)
-	{
-	}
-
-	inline void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed)
-	{
-	}
-
-	inline void setMtu(unsigned int mtu)
-	{
-	}
-
-private:
-	uint64_t _nwid;
-	std::string _dev;
-	std::set<InetAddress> _ips;
-	InetAddress _reportTo;
-#ifdef ZT_TEST_TAP_REPORT_TO
-	int _reportsock;
-#endif
-	bool _enabled;
-	Mutex _lock;
-};
-
-} // namespace ZeroTier
-
-#endif
diff --git a/osdep/WindowsEthernetTap.hpp b/osdep/WindowsEthernetTap.hpp
index 78a95672..7a863875 100644
--- a/osdep/WindowsEthernetTap.hpp
+++ b/osdep/WindowsEthernetTap.hpp
@@ -41,10 +41,11 @@
 #include "../node/MulticastGroup.hpp"
 #include "../node/InetAddress.hpp"
 #include "../osdep/Thread.hpp"
+#include "EthernetTap.hpp"
 
 namespace ZeroTier {
 
-class WindowsEthernetTap
+class WindowsEthernetTap : public EthernetTap
 {
 public:
 	/**
@@ -97,18 +98,18 @@ public:
 		void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
 		void *arg);
 
-	~WindowsEthernetTap();
+	virtual ~WindowsEthernetTap();
 
-	void setEnabled(bool en);
-	bool enabled() const;
-	bool addIp(const InetAddress &ip);
-	bool removeIp(const InetAddress &ip);
-	std::vector<InetAddress> ips() const;
-	void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
-	std::string deviceName() const;
-	void setFriendlyName(const char *friendlyName);
-	void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
-	void setMtu(unsigned int mtu);
+	virtual void setEnabled(bool en);
+	virtual bool enabled() const;
+	virtual bool addIp(const InetAddress &ip);
+	virtual bool removeIp(const InetAddress &ip);
+	virtual std::vector<InetAddress> ips() const;
+	virtual void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
+	virtual std::string deviceName() const;
+	virtual void setFriendlyName(const char *friendlyName);
+	virtual void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
+	virtual void setMtu(unsigned int mtu);
 
 	inline const NET_LUID &luid() const { return _deviceLuid; }
 	inline const GUID &guid() const { return _deviceGuid; }
@@ -118,7 +119,7 @@ public:
 	void threadMain()
 		throw();
 
-    bool isInitialized() const { return _initialized; };
+	bool isInitialized() const { return _initialized; };
 
 private:
 	NET_IFINDEX _getDeviceIndex(); // throws on failure
-- 
cgit v1.2.3