From aca31c7055bb500cc3783a07ce7158d3ec4e07b7 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 7 Aug 2019 18:14:12 -0500
Subject: [PATCH] Put kext back in Mac distro and use on versions older than
 High Sierra (which lack the feth device)

---
 ext/bin/tap-mac/tap.kext/Contents/Info.plist  |   36 +
 ext/bin/tap-mac/tap.kext/Contents/MacOS/tap   |  Bin 0 -> 50496 bytes
 .../Contents/_CodeSignature/CodeResources     |  105 ++
 ext/installfiles/mac/ZeroTier One.pkgproj     | 1525 ++++++++++-------
 ext/installfiles/mac/postinst.sh              |    9 +-
 osdep/BSDEthernetTap.hpp                      |   25 +-
 osdep/EthernetTap.cpp                         |  117 ++
 osdep/EthernetTap.hpp                         |   72 +
 osdep/LinuxEthernetTap.cpp                    |   21 +-
 osdep/LinuxEthernetTap.hpp                    |   31 +-
 osdep/MacEthernetTap.cpp                      |   21 +-
 osdep/MacEthernetTap.hpp                      |   40 +-
 osdep/MacKextEthernetTap.cpp                  |  703 ++++++++
 osdep/MacKextEthernetTap.hpp                  |   93 +
 osdep/NetBSDEthernetTap.hpp                   |   23 +-
 osdep/TestEthernetTap.hpp                     |  161 --
 osdep/WindowsEthernetTap.hpp                  |   27 +-
 17 files changed, 2094 insertions(+), 915 deletions(-)
 create mode 100644 ext/bin/tap-mac/tap.kext/Contents/Info.plist
 create mode 100755 ext/bin/tap-mac/tap.kext/Contents/MacOS/tap
 create mode 100644 ext/bin/tap-mac/tap.kext/Contents/_CodeSignature/CodeResources
 create mode 100644 osdep/EthernetTap.cpp
 create mode 100644 osdep/EthernetTap.hpp
 create mode 100644 osdep/MacKextEthernetTap.cpp
 create mode 100644 osdep/MacKextEthernetTap.hpp
 delete mode 100644 osdep/TestEthernetTap.hpp

diff --git a/ext/bin/tap-mac/tap.kext/Contents/Info.plist b/ext/bin/tap-mac/tap.kext/Contents/Info.plist
new file mode 100644
index 000000000..c20eefa58
--- /dev/null
+++ b/ext/bin/tap-mac/tap.kext/Contents/Info.plist
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>CFBundleDevelopmentRegion</key>
+	<string>English</string>
+	<key>CFBundleExecutable</key>
+	<string>tap</string>
+	<key>CFBundleIdentifier</key>
+	<string>com.zerotier.tap</string>
+	<key>CFBundleInfoDictionaryVersion</key>
+	<string>6.0</string>
+	<key>CFBundleName</key>
+	<string>tap</string>
+	<key>CFBundlePackageType</key>
+	<string>KEXT</string>
+	<key>CFBundleShortVersionString</key>
+	<string>20150118</string>
+	<key>CFBundleSignature</key>
+	<string>????</string>
+	<key>CFBundleVersion</key>
+	<string>1.0</string>
+	<key>OSBundleLibraries</key>
+	<dict>
+		<key>com.apple.kpi.mach</key>
+		<string>8.0</string>
+		<key>com.apple.kpi.bsd</key>
+		<string>8.0</string>
+		<key>com.apple.kpi.libkern</key>
+		<string>8.0</string>
+		<key>com.apple.kpi.unsupported</key>
+		<string>8.0</string>
+	</dict>
+</dict>
+</plist>
+
diff --git a/ext/bin/tap-mac/tap.kext/Contents/MacOS/tap b/ext/bin/tap-mac/tap.kext/Contents/MacOS/tap
new file mode 100755
index 0000000000000000000000000000000000000000..48bf9625551ea8af1d97fe3a0868e499ab55a48c
GIT binary patch
literal 50496
zcmX^A>+L^w1_nlE1_lOh1_lNW1_p)*W(I~<1_+R3U|@K`z`zh6AL1Gj0ue(Y6Hs^z
z3{XBh0|Nsq0|NsSR60JsB(<Uh%E4k@01rfNy+4Eo@mU~D2+6|G0AWDL`1s`FlA_GK
zbO;y2egC5&5}!aGV_;x_@gbrJcft4|e|9i}{ORHt;s_IEfcu9*04fIcAB+$3C&&tz
zTjS%C^Ye-k9*vL3Ze9RL6UfK}1_l@t#6`#P@hOQVi3m}2^8%6~a#oBG8pOwMUUGhJ
zZhjs_HKu<jq(Ec@KnVfDWPte%#D!V|VuEped{S{Sm<1uw-M1hIA}#@;z$CK!(9HwI
zg9kW$_;~txySjM7(p&*pD<VFie1}koI4B;F%>t!6kewAp3=Dr57#L1;FfeF{L(+Hv
zL<@s10|OWrGB7aAV_;y2gNoy$ESeY?E`byjFff3Usx$)w1IV84rE|D8FE^3c|8>hm
zpXbG1S_}-ZBmz>+APePxn9slvpb8cmB}PMFGz3ONU^E0qLtr!nMnhm&gg~fA=Tnd7
zHwGS^wI4h>OJ8_2)_wqajK9U6fq}uJyY>U9H^Jc1>H5H<vGxH(N**lb`oN=`!=t-%
z0hm|%!lU!}|BIcje_pCFFfhCXsq|>91?%Q-0reI<x@%v6xt*?ej=TO5W?*3GcKzeg
ze8eF3a2mgS3rGh8hI=|gK^8;Z<O;S5;ielNjkPyG`uJNwZ8VQ=*BcNwtpF<webIT%
zqdW8g++`qVfL%tE{hg(6JW#B60-K7}dL^(F%=!%=zm>ir((bghG(9x`JHX=u<bY0J
zkVm0m0O}|q$IAte#@Y*zFtCO=;sPWLc7S=MFTk$ouD#*WS$o2x^SDR1>j{re-vb_<
z2YtF-4><n60E#p0A>$BxI1LQY-4}rFKA%okkVBwuj0and2&fYtjkPBrZiFN&*Aoyo
z9snyuxY4KE^@2xd?E#284|sI??f|>fcZVY+ZDDt3K<r_Dd2oLdnts6H2aUf@-#ds@
z9S*h-;WCh;p`m9EmU4xL9>}@fkSOe~z0+BH#-sDNOSkJ8P|&$_9`xvTJwPDj_~l&~
zVCh)_6kZ_rz_XVf*fxYiK&c#>z2v}Bu<QkL9mpZD+=V>^6hI+>W*?dP8I++sx{>lT
z9vfl)6Y%J){o&DA`vVfm24El5{s3opk51PQhzJ1n%RRbXKY-%D^Z5UXAU}h%q(}1+
zf!M>)_!HOxDjvXwc9wpCNTGx$s(feY3y)6U2OiBw6d)-UJ-sTx)pwSD@#qYF(dqjH
zp&B#)A?ydK2fHi{Za*mT|M2Lp{o!%k9o+5qI1cL0G8}gYd5*!O`3MInHjvXJBz(GS
zf4tcJ|NnnX{~+W+gF2Y<p!5T=vJsSl7(mI1zl9$h%%HHe0Ecv^>l<*;9tXt&gU4|P
zu<MRHz?`Lk2w#u^pi%@J#2|M~hPw-t;W5GwtR7T9beDc;tP=qF&7-sQ0e>qe0|Ub`
z*Z&MJK?56x2Re_zi+PXk(gz-mpmff_-zoxe>I;u<-v=I@jvOAHj4wfbY>#eGI<MdW
zB{;AjJi1+9fOU4daeySdJp>vLf<_8DJp_)q{%7oR{jb8vzwH1d_9j5n3n+X(fc*mx
zp9lP{ydX=DyMhztOHjCh3<M`U-xnU;kT5g61gaxIj$%Y|x$A@O0D;Cs|NsC0-x(m_
z(d`RLUq3v$U4KCAMX#>}JbGCZeHa)#SV3V83sjFzc8|^<9;_B1cYrI{<1eChLDj13
z2M<=zu!%?K@fV(OkqEH5<1ftNA_9yI3?MaI|Nj3EiCTvYP~;wSC}23|P{`<U+@S)*
zKi&X}5fICR6;zRe^niFfLE+wc4y5&X0}Ch^K~@}Z;D9k%6+i-=$6;ar;aGzPNDh(&
z(_rBX@?WDjF8@JX32Hzbe=!^6(q7gUP+)Y|e(-2K4)WFi0FVj!2tknNA%al|K~Ok>
z1kv)FNAnv6k6u<rWcwkJ4Jvd%`4Ae;P<Mb@A}@p??)U@J)Lr`m#U0NPf(Un9LI@(<
z0WD52>SuU<1?7wXqGev7NQD*VVCSRNM`@iOKuXg(UEhI{DgXA;cisLR9-XxhI=^?G
zdjT50H9YCKV*?`tgHJE7s2j+<&<8%<K?2=H9G%BIOYd}^>pbPtDWcNtdZ*Jxg<}JF
zn3ut)+xLNIr(=a@V<k8t@VBZnFfi-~4cU40nqG1RnFGpU0Rr6~Fg@Vx3K}Ft%TErm
zhr#h3&{_MZv-C%I>7RqoB)Cg|bb<<CaFOPKTHb?#zOf!`FUWKJE#M3XF5D|B;3*20
zMxjXxRJ@>ur(?Kdm}978NU%ra8*t^*+p6&Y|9_ue)_Ffc6mR-B5GDHHD~OV<{Qm#H
zN3X09Sk83z50IcO3z$;f3s$MC_VxdNNOPz3fJbNOj!xe#9^IiQj<;(3|NkG9B|JK>
zc{Cn_r2VZR%RIV^1Ux#o8vOtNzuSwWv)2O5km&5S0W)MedmTVd>Rjsqrj`bPsl5?k
zYHI?h@a&wM0p`su0Q0VSbZ)Hx3xqcKbozGqbh=LPIPN+Flr25FOLus5mM-Y_-O}m1
z0^%4@z6LdWI;RT!|NkExdY!E@|NsAQ+zTQ>+W1=>kRn&y1r)ihAk`k-;P`dv25W#O
z4UcZHNgl_YKt?khbG^>+atSE6cSH45WO#I!9>8H!7?Mp7oQbokyD9^08Wx*7TY3Kf
z|Nl~jfq`M4Lk9!HuK)j$%&dUuJLY<wv9p!q|NsA8uGb-@eB%*NiimcMag240bBu@7
z?wIv8sQic4kM&^RdUV#l;BUDI_O9!TV-7_O9^Ft|I$ggs)_#G6C#cyD%Pi_(UxI2M
zXkfa2frq5)3lCOMIR>r?x&tFXJ&GU!P+isKQPl8}@!LU0{#MZZ$xF~cGDsXveRq(8
zN8`aFkb63hdvu=rf9d5uP%;74c9<qhfK7lo7;NcrN3g#-U7_t3)bgdk@Y^oXEC{^j
z>2}ZX=&aoVs|P%KL2c~X9Uk5F8J(_Mz_ElB4y{i>4g<Lb)XxJ|$&H{gkb%GD5J;l8
z_JBvX>kf}@50IfNJUY*V4e;pp-Qm$)nc>mtx&SP&3sm`aUi0V`1x?9#bl0x%==NRU
z*m(dNj$nC@Uf%=Y3clOUqwyd}hezkRPS-hL6Zp4<UTpjYnhfZ4ox$G%4pAKj28JDy
znF<Y^hoE|Qcy!x=eB#pOdeNh^c7jLecSrthAAGufCpiAU2(IK=K}{b}ul1!aIGCYb
zPmks!1)wy9(!PPW=epbrOc){Q4%&u;m3Iyu7d(1FjfC1C9-XBhR2Vy4-+OeI{_yDh
z?$LN0REc<Wf_hlzJ-U5wcyyLt@aR1E0#qe`bA8Xq-vTajx?L|c?f})nAn)<F7%?y~
zfMsEABd9E>_C?nLD$e;^LGu<Kpbk=Z2dMrAC1{WC(hs1H(HW24+6OPdO`PT<pk5nV
ze-ct(ftu2wGP}F<!wX|!22e{?02CUS`3a;RrHXyg%!*IFgF^?Xe*4kk`W@7|1~<mL
zeSdsw1T`iYJvx0)@V9`R56f%M?HL%LiQ?r_P?-Soq2VRN1DywbdVO#3Z>#+d>S%#F
zsNi(b>3XHH_6j7=f~Ig_=A5x-VCW9L0y8QKlv=x8Pe2+mpa$IyP{R_`1I92$3aNlw
zWe+NhLSJ<I!i)m-k|Cym20?Csb$dX97F2<uq#uvwHx3@XuAmO~htASBu+B)g?+1_0
z^B#@IL0Jh>8y)xPE(LeKU!?p4H|P$0b0}csZvl07j=TN=WrpLfS3oJ?C8V@*JpgX5
z9{(Tc(CK;s-q9BVjW4)@I_@y#nh>8KIOb3Q^7aFWgS%@Fbhd+%;c-{cq#6TMwMTF5
zjTb`y{{M%JzhFr(B>QIysJYec3iS_Y5)jlw1~pS*9`FDOc(6j+XvbeDe})7AyoBm@
zJ%HMFMRoH_J_ZJc<F0=|{S9Pqc>hKA2Dts=(fp<W79XHKaA)WfP(Fd=RcK^v09Cc!
zt{Xf$OILVw9(!@+&;S3&UBM~LquX@_Bw9=$fx5z@u>xH9^0$EM3y?f0?}3AufBT8X
zhoA^+{0UB-t<b0hm0ZVN&wylJsxvV#cpP^Hjdd`1G}eM?{#I5{)4tnv1tLfcKta;!
zdH|v34%7kP910ovVMZ&10|H_+hy=&x6GjFG!vmeicZq?F?dAPr14_{#ztt`PdAz%H
zfloKIm<DO+biMH60wV(h)+7ZomEmOp$Ruiqg)}2{Y!KY%fBE*`|Npx{fdmOu4v%in
z1W=;{RKH&I=&psfP7Z>)W}Uu}I->JnckP_cb1w`T85lZU_rO(km+tZC1`Py2Iy1=m
z1yp1p)Il>2#Ft&*th9&O^-8Df6}TD?P&B~CD-BO}obs>*MQ=ywZ2mq_LWD=r)B_!^
zv%6epuVCbF_4)t*|2~js3{OJ5Q<2dfdIg+JVCp+vr|`Fck}%vRcq#`w2NX3gDt^I|
zG`Oz9R^EWhXGnXe+uoy_{eOT2q;(BT{}}QDsPa7UCcbs)5B_G*phLIopH9~=FWJE1
z@uSoAOSkJ6kLDvh;0gk@ylZ>|8sH?9#b!XV*bI-((g~m}R`?T~<0qixtqB-;YXXsZ
z3sOu5GBYq3LPFi6H}nK7utB4D44tk${H>tDXjpCW&Jteh9C!T#8rFiABrmx@#y|!y
zpk{Q}LKvL~JAL;YcijStevfWfgzG%IODA}A*JX6Nc7Sc=-*%!qw1e?fXXpk<DPMX3
zlxo3pkkrH9*UktU^WLECx&<WF>DmI8?L63Bx~KE}iv&=KT-(xl>_ynW|NlEd4K8Q~
z0Cg8olJ=U$+BF~-@wXTvRb$$gpxST^v^MmBd7(RWO=svIm{;YQKyKL4?Yl=4<TX%2
z^ym&f;L*7k)LZfBybg9#x9^V5Qyz>LJi4L6$6&(Dpgs%O{a_K8*Fd4!?YhO<bpwAB
zsPKC^n*mh1>;b#7wUYrknjo!3kH%Wi)B!_hYsvrr|M^?>k$mD}0goxTH_)Oi99%qs
zTBfBC^9)ad20B2+9Z0bDKxZqcBL;CKq9p0`-SZMs`PQC*#AgAd^8vC4)E_(7*_s3E
zfPusyk+~Pr#rqC54$6fD3MjkRo&fdF!LslopmqYNk=h-)rL#2#W}@LGkM7zDKHcoT
z-439V?nGxRs1ND*{{qym2|nF!86KT`AstLeQO3XRgGV=51Z;uf$<9+CQ$VJJTn85H
zbVZ~IJ*1FyH^&UgZr?SXzVHMAD$n4h5I9$XOQBC+A*E2`5m06aPthR8mlHt!eNf#B
znjq=)y#pTp?+*O{>dH1Bv+(EzO*Mq>cu@=Lh<As+*jby#($IO%qw~6lCa8tD!K1Tw
z1%HbdY^G>O9Z3G5M|bE356x2^ouLc(TR{Vg;93IIpzr2rJ;^`iP{SieP*0>Ipb+lj
zBcKxZr3<8{d;sgWK&xTU@}%Rg5G9J>dK20Xf(Svqj-(3Y@)zH~K)l|3BmrFdVYZLK
zT?Ww5Fru;d!=v+*NAn?&-*13|q0{%oi@GoHRz<h#7st*6j?FKaI$e*rbh;kkZvm}e
z0(-FA^+@vz#!lBg{H=ko5CJtn5lw?s1_lOD6$8p;u#609z<PAoK7gnMkNSbj2uPxQ
z2^x}yDh0)7x9gSTuAmy9q0@E83sJBScX%`(2>|;LrF;i_&ZE2bM`JyxMasZG<p5Hr
z2vi-Rj^B7RzX551%pZ1_f(HA+Nz$XU^Z<V=#L3`be>n%7XJM^GX!Gg-Mip=XcNGBY
zM1aapum#6m|9}QWI$ig?bOM_U?d7S0dRX8Jo4-{XDKF%kFu-~p$YzK!fEp4zUjBoJ
zJ$&ABIV4%V0QDr{TEGQOCupFc7TV74t-S$h-9lQI$6mC40@rm1pfLy<3GY1qV*QK%
z|3R^+0X7w;8P?1=?)nEb1qF?>PS-84C<GOupeTG1{|S^XuYl9a2L2X5n0sG(gZj9j
zJO^$>!yLf?a|B{|7p;j6PVJnZK#3F_L6H6cC`q979~<9*W@$iK9yEmonvv`d{m@<d
zrt^cYO{U>tkIt!}(y?<ZsFZ`0XZ-yWVUFtt7k;`DpbmU%2&km*2Sp7e;X~wjz;d7x
zkH4i9O`iZ*4%D>bZ{cTRV0h`r%)kIO6Fex;3L25)Z_#FkHY}lXCSZLoAp2T&gY=0Z
z^x0+_9`0-f4e0T=90xT>K_d>JQpTgx6*SWd8ggPlO}Y0$ZTRk5NJp^4^*aAH-|LM(
zLFo)KxeYCjUTz1e>vf%Q+_eXkcRWDzuHZR=?$91kBM20iAn!Bqw}M9vdO<CU+8Z9=
zad=EMpz$&fxEj#38itw{&}{sE&~UCtujxKRcnXKP2$UK4x4A9^x!Cdqe=BIvlYg7*
zMi?LDO#W@I2ci5H(8|jFpjMzqujy<<P%okt6uZzNMrhk&CrDT4Igeh^EPVzBk6uuf
z23F?T?IGaW?Eo8UcHAMA>CoT;9=Vy|(&c;IrNeh2l->xX4|;S%22f#xI=<IEI`@JG
zU?Jl=AAP!~f_R;+CjbBccl>_|<}+_baE}laq%ZBk`QP<{N2hCpM`JCh&x?pbPzHY~
z3sKPko1%eKt(^xuduu?sr`r`Kle`x!!1%)h(t_~l2Kx-sYz0rT_lmAEU|`sxzzhnV
zy`WZxb}Lv<@&}LZUQlRtcY<614Xn;q(6I7La2LH-v>umMxN4pM@C^A9v|bvLGFw5T
z%N~t;K@`Z#@bn4x9eC&m;!sfG>CxQ_QrBH504pd#S~|hw-!GwcBS-{V#QaGExBCBh
zG#&xvbZ})4s!-tb*P!u$2cW@4Se@4$`U6y%!^gfZfE)Xuaj(!5FWTRNM(Dvc6KM6p
z36IVu(12C9@0ZRl&;ZzR*E^s}`$hlT|Njj^GkFde^QAjLE&^Ey8g7I1UEuSt;Q1i<
z)XxvtNUMJYsDuLb90NfkvmcH*6fwf&d_Q<}S4Mbr*Bih`VQWFtL>{0fqw5P$>kBj`
z2N`q$DJ}#L@rHrARiHT_l={)5`3<Ch1s+c;1@*%|cy!u%bbfzP3o3HK^FI?H06ISj
zR)5?TJn9S@d}d@|;O_-><UM*>cbYITcqIFN@i@)`?zVKhegTaQFo1ev7ykeMe~fjS
z4FdxsBoLtHf$Lke!njBS+#2Yta_~6r1S%>RzOlxDb#{iHfK1ea+L$jgLCGCbW1aAT
zj*}jH;mpLqupczv>CtQY+z7IXfC1FH>~ynetOMo0|EP0I2f&k*p%0+R7Br~@t-4-b
z0(W!XbRP6L_>j5tMCb7rU&TRL#rK3qr=x*KV<p&isKzbAZCo=X=brHB_AuxUebaf(
z<KQ!9*dX+ASI`0phHlpj)~;{(dqLw1;094Q2Q(!l`$C)6;RYU^ET=q@K`T7`4Lllc
z4uWz3e@hamHU^9Op77`nH1OzVIponT-~pO@E3`=K{N7!9A<eP#Lt1C;F^|sUX)fKq
z#~k^$e{|*Fe!-(NbcajlB~Y96{{>Lh4(|GZiAHdix&V#J3y}KG^#Us>j5}Q~Kq`SA
zZyc6)9{(Q{0dXsmtH7E(I$bxwr`k4nKt0Oway}@nxc-L?^1bvybHL4i|Np}Zb{8E`
zsm)skrdZ95K(P~g!YA3u!mCr{0BF1v5v`2SXazSxK!$c9rr<$M1yF+!PyVR=0UCUJ
z(aeKy{1}u!P{*4W<5dqTk6wU_hwj=R$6UWNdUXEuXgmlR^sfaMMxEzg<bzT=Xuuqr
z%8$R06@s**!7&6HhdJi@o#AB=B!OM<Xsm#w%ob~K)dHFoVd!>!;?eDU!P-%Szd0Km
zq)$N0e?l*KbQghA(K$#e0#yv%uE<i|Jm);R4Lv%~{|^gLVRYf&cA(4kJD738Rq>!B
zbii=x0Tsp$*YD8e@dTP&p1f@R|Ns9t*YAw{Evvx&7Erm&0GgSBxup;6mIv6}0_s?F
zyCO>=xg`Qq2I3URC_Quv7rZ{J^Z5Tj4pimGS-}2<I`;w8xes0@{r~?TEQlZ=u0IM&
z;Gn6G3P>5!VhIxHHEq@dr8(CN-4&2^7`C8%!QToRse?6U9%@3AcytFiK$D|KFKZX5
z!O`t|!6P})!s9p#IQJiS1RD;X9D&Dmq5uQKP6sD`hR#!+u6I1TYcF^-9tWq8?$QfB
z-EJJd-3}TajmJPj;QqJk1z2%-{Dq1D1B12e9sbr8Adextsv4WCYF~7@en0Md15~Yb
zxE_C@`WG~Zc^uYl!mQssdRYy%v8|_Q1ho%9i#}>U@V7u$$b0~od;uDelCSfVN9Xy@
zYcCE8f$}hG7RVUTTmvlmpNB7@;FpKZUxC(79MnRx4<)mK)~O)ueF3-k1y*}KA@+U(
z83$SzgJv(Ny2R)og7P=0p8Nr-qW_D!f%W29FQEV#pX?0%;?e2*qPzCb3(#nQM=x)W
zE(3#4@&PYc=?z}vvjfx)?{t0g64coPDK-PAG2VDkosxXPqub_Ucj=$*&>!8tUwpb<
zU%UXxce*|SWo^ikG4%3_rL*==ckQ2p?<E?a{|9vsLF;~4pz9;R^F5ulKRQdlbcTND
z^nK$4o;9rn8Sl|qd!h6Ei&Az_m-5bW*Bc<GfmStoHXZ;aG@s7nFDiIIBXHmpY3;7T
z-wUdM8f!sg{S5p)p&+LxgVHOg-U<YjFrYbD2L2XM3FCn*1FxqFx=TNF*S-O*twLU?
z7<vHI@P;l_1a(l6()Sjy8*ad+w9x&J8UBw!6IQ*vJUZCIA5@YehyON+;`^Yai7os=
zO;)_&4_d#8FMLJWVBrh08ZCS!xTzez6{Lr62-ppH!xz-D?F@YbO0R98*|T2L^`LB#
ze8QvA23*KO7O?FA`LNUV#Y@nr0Z4HqSTS!CSTQVddw_c6zHeTDMq4^vUx23a!6_Ts
zUWA1wXmYmG_lXB6FVun-LSA@riUkyu501Ou0a@hH9eTl|@enAff`)?6a)N^L0Z7!^
z37%BJbrC$NJ^)pZ;D%G94Qf(F$iR~7Bv7{qG$q?z`vhlFy@Ohgb8>;)a0il9q5c7-
zPo(g3`vdB5nC63uW`f}-30BPO1XfIW_;oSk3BO(rklU#kejT9Vp}X`23E_7V>;}~E
zGw7`S0}4NAdhqFVy#Y#E|9*kOQB++6)Fb)e(P;At+_-@hvY_PA>3ZcQXvP7g_##*_
z?=N+bV&rfHtygjBc75X0?R(<|sOs!=z0&P^1-jB7)Lg`<9|AyaIauGa)AxZ(r|TV`
zPEZNx`=c9_P<;=)P-FrH^qJ$XCqORo==MDTZ}FXfp~4Od=rbTuP)n^Bw2if~_6*qh
zJ>cc&$*y2o)PxG&P=G80PpA{10qxOU`=HzR4ycHME~o)D_B}weJe`Mpx_vi*7p8-z
z5)OF4n;v0c*PMV4uVVNYlzuxw%SS*%=8y`m2{b*{%ez_)5}b`Tpv6lJC}qHtm!P#U
zps){xD6WGlhF5SN-M$~dH5_Qg333UGGM)!ouK=&VKou;c0)qwhg%{gERUT-U#tmpt
zUqA}#ovfgsz5~kj;GhOgjl-)i@a_cUN(x>kfR`sB%fN#gv?LBRYz$ha30@uynmmB+
zQwTla0Sad5J_WQ&>^;~eutFAjd;nU1H$MOW|35<~wDRVcM_a#$*?$MOe!=~B)b&+}
z_6u~r6>UBhLmo76Ab@Bu2zWHwUIj%S0|Ntpt0yRJ_1dP$gXioa<Mke$tUExxu}0gq
zaCI_BW7jV7@R2=GSNkO>V!&-}v_+hd1wE+sd82J4%*+;Xklo$3K02^2{&7|tsATM6
zr1ic?<15gW%b;!79=)uq6yVKB(E8p^c8^BeU!aB;*lXa96{v|1Sqg6ZL>p!gD2736
zx*O|2l?wx8IRk8Fc7hz-caU)o<n$Wg(aU-TVJqBa?2wiApaKQezp(Kc(7JYQP#+K)
zqloz{P<!~HJlrE7AHqCS4|X1CWiD)l?G30^{}NP?fk)!HL95kGxnUkV?)nB)%7CRh
zajg$G@aSbNM7Hk%s9XUxhC!==A?<INy*IGhd&2`_?_@1#fFkU@;Q_JN06D$EL#g(|
ze^EA&)$qMs(9i%?#jySXBK<bP{r>?z$nXJVH+Ucs5;>UjVU+5Jtlxy?M`#iO%`ft|
zfWqDI+fGm%KvzX_fEqhs=fGD(qOZpX?Pmk8)B{y;pw^B@V-+-fLvQf6fD*h%Zz(7e
zAY0Pl7Jw#l>cJNHbh|=kcR=exz?;-?mLE{}!dG@c_soIA8I(Hlg;yuIO9Wa4B?xZU
zvCfi(Cren81ov8BD1zj>T|XRm08N519CrW}53n_S$oU06J_$<y-MG@fD|o>kXqpdY
z>;yV0`ob7gPW0A(0EKyXfJEaVPy}=aNOT9tz}PY`K$|-t8zQjU4~|dh_>VAXupAyD
z*zzk%m-K}(UiAtdy#(A}4DvU!`~Uw3?d5>DAHtS-Q3p~4ZYLwVAKVxL1x#Z-IEeW{
zV>FO0Cmi6}QndJltM7IP75gAH*!&0W|NekB6T0g`%l|)s$IV?o!29e(q!&mt16@DJ
zYDnRqhUPx_csV#eK&=kYqE%3K@aQh%@aQg60PPO}<u(t{_8stWI5bdT<pXAZ0xzJ4
zm=VO`(H#UDd<G{LP|4}h`5nB(w=?vHN9Q4rZr2<CFF=}qu=YEsy$5c9!WYp(%mTZ|
zfS`Lo<#(YJJfn2hz5vb6BA2J2eK%kuJ8QxFKSh~9%0UBYkirtYVGgZ509qT{2`Vqu
zz-sY~Pk_ohM0$lJYvlF^NFEyBM4JaGuR!4e&iCN?1lqMnI%|J4+IoTJ7s2&5D4`pE
z10{NJ!Rpb;YNf)!aGX^`g@FN-^PvSlczs!;tq@FK3#cdW(QV7C0;`o+zk#MT7#J8p
zQ#y$7g^Z_obeld_hN^^^2u%;*@B+2}yK8@Rmwxf+7Tt}i4l<iE0c<~bzj7~Yofu@8
z43cn<zfc6NvFZ5+nPLa^gO9uZ0XIjsf)<d2W?MTUbAE>3c7l1QKzXkdTFQg!;}?36
zf#3%oovhBv3=AHPwiZy|@V9`Px%)tqryjkc%pj|~S>-`$I*-3de+ID>Y#Y>OP@CW-
zc*v%k^}7-S17w{PXo4ADt%CO|gU47sj<cQzEiDBd-sJTSJo^VS3o;!K+8&Kwo`C90
z$a;%L+o@2U{4GJCGP|3#17uz2@fR1M%MG9|0-5*{v|hran>7`r1U8%S0PZ62j&7KX
zY@z19*zxuM{};^vz|I1B3*szr27;9j;P?Zl9?()kNYvuU5Aga9v>wN!m(@!Go{hoj
z9@MH603{yO_DL@*BPh_pbLrs11Dsjep+mYaSU?>ja6W{k6bOx+zCi8+?Z*SP_BxNh
za6Iw<|4vYNfabAT4<k&6I-~Kp4kIkBg7!2WZvd@`1qA>e|GmIo-x{QKUP$ZwxC`7Z
zyXMo&dJweyzO(j2TBq;3H1NL7+7JBOL*I0UbNF<+3mkWs01X@-cb5Up#CvxB@N7H)
zPJ5lT4?shRAXh*Q^XL_Q#t#}OuYKUrcpRh%)N%pM!@KZrcYOmNIOhdh3EB<c?Wy6>
zc^$L`t<&|+|BIk$D^PC&+^qnuBS7m>U`v1S_y&b%w>`Mv1#d0?@IOES5<H0gvL20Z
zCV<xXgS-M?G}>MJ;h5_Ukz=kmg^s!2V>{-0pW&G6T?R<y$iL0^u1E4k(E7v9TF_E$
zNTJkQdc&hvv{syfVJE~a*0(|o3@-fJT<>}&|8U{o=VJT7vGD<D9gl0rL6;66+Xv{9
zCqTgpll17W-S9ua0u%tqc|?zifnf*8f=<we6VMKV4WNad&@M2@HlO4JK8y!Jdptl9
zfxI~ZoXJ3f`#x}iBE@wBXgVJ3{C%L+W*{p;>-IWb*FXe8?tu%IuILV3(doJbECmzw
z==R;<)9nb_dNaeP^LVH06tFaSnIZo+(B$R}umJ95uoL)OEWsrkc*)}ik8bFaNAN<X
z?%ETbu03EAK-0sZDPNDy+6K^UHpm|y-5@rkkBYX?5xNd>gGYBgXeZf;PVgcKuu0&e
zg})V4@_Ima4{d->#djV9x44hHf>(wb9_TpOSi1*wh*?K(HE6L;FQ{?r0a}^gxC55o
z_@^9%$ab}Y)PUj(9L}Ipd`H8y84RE{hVKTC#)FUv{8CVSfoA(b(>owTJUYRvG(g)i
zx_d$EHU3}hcHIM=yxQ}!4Aczltv&Ff4z&0PlovoD0rm*Ei;eCa$WAX%=s=gEfJ(&1
zBcMc%t$he@kAvG^(Dv|QZqnvMALCUIX`gl1{(!DA0PRL<to;IN0P#127T<QeegV%E
z-uTvX3RJ8y^0&l-YYWhk6%`rXzF#^|b#J*~04wo2T|dB&DgZCc1r-b)y{0^%qNbOZ
zi61lu^aVULbHlNF3Rol3x*u?`feGZ*3|XLX2A|R4d&8q!5Hvv_WC3a&f_F_p1wf6z
z8y-lJ-*O&20SfMAA9n@EN@MK{P?F*AT@NZ(K&^Sh1D%J!$@7Ls_kK{6gVlAqzG<v|
z13DUnzZKMEf!GC3S73QCA5pHq1RWL#+DQc#X9Xvw&SNhu{{8>I6P(OWAxU(X-tg$I
zLrrCnndffT3;!>GjCr94TG8$L0-DfXyaX*r1BVKvF^rg>1Fxq=ThH-9*CJB~vVFC5
z3wX}|7$|vyl3lm!7F~->jRT#oYxrA0%X7hof<$dV%idg9@VAD5*0q7uf(Is`)g~yi
zU2pJj^I&ZJ3ED#h8H53OihmnN<4;hT2Vc$xYT3QiXG9c*u-$$jk2f9zm0RF2L@xb6
zm47#AC&izaUqLYgZoYQc?sx&>LG#MX+o0wc$ZOyP`M{$y^aOl&3}}<ClK`j^1Mk;$
z0@arc5T*oZix`9{gHWIVYMgevzUe&VVR?$bRS=S<Pk3}YsDSoxyo9*G^+dOaO6LiX
z2y7<?e+y`5zz$Hd2A3WuV4D%UL0g6)8yrCgqv(PYA9!`-OK6J)G=B%#``7?FV+C|L
z2dG-@JP$q)1XLD)7Y-x0e-d_p78Z0K^ymc*Xo9B>A*~V67R~FhiUhR1@wn>&kW%QP
z<>Rg=Kps5qdIl8UpiB(fq!PNL+erd6WbecQn%QnV2nmm>43AFV4d6&|+yPpk2cG@|
z)t`{!+oKn>B>}!?a|Kvsr|S|Auyc{>Yta5Fa3iVo1!#S@2k876&<r!!m!SEfouC{B
zPF$V78~9s6tCKN{dB)%WA={Wex=S~Bbhd%?cy#XrQDB?Fr79$offPXUl7UC#F^~$-
z`fyP5yxVmJI4>P|@dz~C09z~TVGF8E`9X_HK%2rqf%DQIT*bLw03~JQEm<v~t;`<1
zwyyk0X}R<Q*bUHn3bd4Z2dJL|>P2=Q>pTRO>~vl7QWTU}L8qdk$t-vYG8NuRC_M$L
zr9qov!8#qm5}@Gktv%(@U3vkwzZGI%3&d2=kY;!73ncqyfb%i5ZfvaG11Z1r!7DxX
zfV0a6MEUKEEX=>X<rJj%;(LLAdm)eI2mV%2`@P#0s;|4{6sT|qm9(9Vu&fB`^?|KK
zt_@ot%MU?e3Q5bLT}a5|BOc9f5<Gfc4>;}wMS^SRDObajkQN{!y+AeufL79lzVPT4
z^5_Jm`{O>H*IYVJ!Bc6c>z>A1a65p%1yXeE0cE*dNG3i2nn&{J1TFZ7pVqMpR781n
zf{qUYwPi{n>v0jm-R-*p6bax)Oye=AVn{*<%~zzkbaQ%i`<_U1>Gb4*212Ln5{NfJ
zYyDyUOVE5NXfG!y`Gd|6>JI$?+a1^$dZOF)3TSOeGpI}0UHS%8;vMwJJPB^OF#Cc=
z6;F6{o_YbQO*&m~z>lbc)<7pfOSZZ@K?_$vMF;3ypYGBdouz*|U5~s(ijgbOYU9ew
z9!QLUG91LI80$%p-3uBWJ??r3R4alywT<?mG7ePA!i&cTjTHi*=;cRQI~>OjAA>*c
z`UhP6gH~;V>yK^+j<jx$v`*h!&|qk+y#h&`)4{3m3OI3|KqSs!(5S+8*IV7bS3sLp
zN>A`_@3{s_pr9ql;2A_$s2*s-w03<18~273wmp!77gVCZ1a$>pf`YfP7VIznR#4P}
z!rk=_IQ@c&ZdXK*ftI4f6+;{Mpw;y+O+kqZG7WX&Sj$0hTPUqN^cHAkMOx>SgCIA8
zq9xh&PUn_`pezGTC-9I5jnJX@$0a~rQt0@_aaZsuSfCRK8f!m5LJ71yx7+mtIFw$%
zef$LyBXEghkhU4*@U(8%56}eg;pLY9(1o%RINFzp@qq5q7yR4Y7;PcdyBo;2pv3^-
z6)K>EKztwYZwqAgNIu2CFNA}m@e!zcY5WCBTJV}5#CZu_Bn*lw^hLtZu|ZIz!2AC@
zDnPq24}yXLwlWh`e0REjcyaRscrOI#5D}c?lc4@2Vmu8rZr!{Sc1{wu@CK<z8ebD*
z2lcgx9<KwLUwn%M^S2RWK0U_oREt$p7)na>N)ijK6q55xb5a!Y@=FwQ6SGql^ixvH
z^g#-^u&7AP$;nSnEJ;<!%qvMPN=r;mRY=P(QUEEpQcz97s->hPF*yTC1E%8CqN4mF
zg_Kl~!pyvMylOM^lS^_Gic*tHi;6Sz^FX>%lS@)lbQBVk@{39`^V0PYu1HJF%t=jA
zD9KkyE=mPCyEs2NJGBJWsSq&*h{38U3J^`mYOn-EdTNP6Zc=F)l4Xc+OwKQ;Q~({|
zt&mofpQ}(>oLW>|keHl`Y$kHJXXX`@mM9b?g4_o3e7-_nYDsy1QMN*HNn&y~k{wVr
zCHV?TsS5d}B_MqniNy+e`C!*5WTYmhq!uA*fOrNJ0tJah#mMoNn37VIT3n2z)-AIF
z6#7sJg|x)n%$!Pi{BkjH<`<;qDQFaArYNYEYH~4fCg<cAr>1Z*s1_sprYJQ%v$!O+
zNFg~Ru_!Sa#7apm%S=vHC@#+|NzTxNXaG4mH8;PgQW3;g$WATFOU+S8ttd&&14nFG
zDkOqcixq5g6H7`m6N~loGK-6IQi~kYb1U>xQth}Hj0_A-4Gaw}AWpz;pF(<mi9$|(
zafzNnaY<2PUV19j1?Bm9>Lm)Lc{%xspyX4ckdvBNT%wSlha60q#R^HK#g*`2Qpm|q
z&MwB1BH&pAqyQ9-=|%aa1&FkWNFH#Nxuqqk6<iEeB@Ad85t0=Y3X1Ye@{{v(6hNsG
zl#)PMhYO;(B(XptKQE_Jp}4f5Ait=jSi!}|(<k1=HP|`cH6${?)d;Q~6vv>#7!Upc
z?jbQSG=Q3vNa{8~`3<0YoPmMi0+bd2?R5m5Z4PSkBB_Tl13=TQFb)F)LjjaO0n{*I
zU|^U4T9OJnW?v4XNCC9_h=GBj0o2$8(V$)xhz1=)1yT=MwFWW=bS@5v2JKCSXvIrD
zfT;rwKHyPl09wk)z`(EpO5;%qmf8SXhQh$Wpa43{lYxOD07_4Q(ifn#0;qKj@&}X#
zYsN;nLj(h$^ajw1A_fMA4^Y|wR0D(j4W$o2X^1XNvH@z&0w|5Cf;5o}pd(R0T0jeP
zK;Z=1Z~&r-OdlIS3;sdr1$qcSEPXUU#i^A(E`T<^g2D+J?+KtIL_pyW>Slq`8|dIp
zP<o04d4_>O0Ol`3=>zKT1SmZLrVnBa!vko#NdRq{WME)8U<s7~P2DgsFgVyi`8cQp
z;2s?gNj$=!W*4Z1UXlpC7y*x3d{Xdo6rUnIav(S0k%mZt)+>QnpzYeAyE#CbK&zrb
zVxxF81V%$(Gz3ONU^E0qLtr!nMnhmU1V%%EW+Ct)0lXfM4K%sH$iTpM0LtG1r8hw7
z6;OHsl%4^lCqU^ADBS?1E1+}%lum%s9#Gl=N?Sl_11PNlr6r)W0F;(Ugt$`xN*6%s
z3@Dudr6Ztp0F?HC(hgAi0F>SVr8hw76;OHsl%4^lCqU^JQ2GIs7D$G;hXYD8K<OVz
z5b+OC`URAJ0Htq0=?hT$1e87irFTH-4N!UolwJU(XF%x*P`U$3H$dqMC|v-hGoW+=
zl#YPX0Z`flN;^Pl3n*;>r5&LDvVhVCP<jHCE`ZV*P&xrhM?h)NeT1NNRg(e<ml7xq
znl9pFWMD{ujUzEIFo5_5&~YKq1`rTG0m=uh3<vQUpyNWIZaj#u0Of=BXMy+*P<|QI
zyaecY(KIN(0ouRc2<0yT9h=L*zyR9W1=4>3%D)elPXJBwFfcH@g7OtWGcODb44?%F
zAoUJVKIj-y5WfJ*S7U_uX9ARO2jzbNEf8d2U;s@ngVZko9W=(kz>o!%zX0XeLir5P
zahpCUA2u#DAIgV~?|=?^2b%{~54z$2#J>RLgAPam@fkpCoER7wK0);>K>1uu5ce`b
z`{ueZKD3YS59LpQ@>8Mw4N!hHl>Y(Bp91A?09}&Ez`(E`%6|amAA<5><4L!md<N*a
z$|oq_0LtfJhPV$l?ji@}Pk_o>Liq=ve19na0hFH(;xjWaT!7xCSqkE_Fff49C#Z03
zgYsKI>wp*-7#4!~YzzzwKnaV1fnhC_zXHnN2IX&n^7k<_Fz_=nFf>5J^CFb*0Oh}c
z@-IO7KcM^#P(C{gL_cgiNf*lB03BZofbtWd<5rze{sidw)mkWD0JO-6fq~%}j1L{3
z5@Us!F902PbAa+UfF@QM7#Ol)eCRmbbSNJ-ZgvpLhmET}g7RVGc8qKg^BX`JlYxQ3
z3d)}Vb$<|)Zvf?ILHV$8vZ+u$Y<%nxl+OSiH+v1^gBG)Z#t+#c_QA%>Y@z%HXnxIt
z@(rv&vCF_P70Q1A9hW-{<zIk~$9;zK3!wJNb3n{@02Mr-{0il7fR-Pi-9P-S3=9*X
z@xK%#58^}9&tVWBG$;q!_rk!y@EFR6jSup0Ld=Ja4;n-HuyJP}C?7T+oeJe20L?cu
zFfi0X`3cZ*^HorO19ZF`w9yir9--wS6Booj*!ZeGl-~dySC57A8KC}ahVo(K^y{E}
z*f{z_D8B$YzADcRF&{Qh;05IiK<5R@pnTZ8!4@bVHlOei%7@P<@IcIijSuTV`32B%
z{~#zIHh)k9<tsqv50*gr6QJe)IT#-_4-H!O2Ia%%Iaqih_QB>q<e~fm=zNG3l>Y&=
zet?02AqvVDfSOkW<rjeF$r%_JmO}X(pz04o`3+G1T`1oHs{SXGe*r2l$_H^z0(9Kp
z2+E%T<%dA|3{ZXsln<LPsDbhwp!LZ_C?7U|upG)SfX*L)788Tg3v8a@3RE68zwjE$
zSAd%L2g*MHozLLqhq!kGw7$~-@mU!dW<c|Y6Nt~qz+eEa|DvFL*nCMoln<LPX@l}%
z^Ct74eAv9oRw%y#YX4a%UjaHFb05l2fZF#F%7@L<FbhE43so-)<vT$6>L5Nd1A_wS
zoDfiX2IGSc*8r6VP(A~+K1qe~L5p-47#M1y{069eH<WJx<<A1~Sr`}&K+RtY;xjTZ
zD1h!@VqjnZU2Oo04+YS=I|c@Zi%|IuQ2A$2{sYj0L<R<i?@;~(sCsTei2oWuOR5+c
z7-XUR2cWep3=9l<P`&{)y?H?S2~d6#l+OU=S3vm>pyu~O`Jj8cK_%=$C_e$}o*jbV
z_8w^IJV=`102==k8viaD|2-Q2I~xBV8ed2V)jrU{OpFW+aQjuz<PFgH_Go+$G=2mc
zKNF2#j>fM?<M*QR=c4hqpz)8R@vo!tpQG`=qVbu9QNu$DjjxWzH$mh3qVZGF_{C`a
z1~mRmH2xAa{suJuel-3CH2xzr{ueYpvk0nx1<?4KXnbchzCRj28I50v#s^)&ft<c3
zqRFp7<8MRbpGD(8L*u_j<9|itGl-)4mj{h6j>cC;<C~!I?a=t%X#7w#ei9nL0FB>{
z#-EMG--yQFkH)`&#(#sx|B1$D7efsX2{gU}8eapAZ-B<PK;ws^@#E3>IcWTHG=4i8
ze-avh4jO+28h;BK{~#LwBpUw`8viL8{|6eMOB^-)MA7(iXnchP28JaJ4157lIs!^(
zK<N`u`T~@`0i_>6X@x|H{tr<42b5+=f{1fKX#pr*k<7rbmVtq<0ZPw+(kr0!1}MEC
znSo&)0|VbX4+e&L3=F!*JQx_}Gcf2TdoVC8U|`Ul<H5kNkbyyWz9<93A_fNC^JWm*
z-U&kIyF=*xP+C43!mo$Y4xS7Qiy0Vnmq$TpaX$uzr3?(Zks=HX%NQ7Rc?}_SkvD{9
z_kqwigCTU50RzKw1_s@$CJYQK7#MUjgBciBGBD_F2w`AY#lWD;BgVk6nt?%gwHO1#
z8U_a4+fob+>lqky4`@T^Ms3idS_WOvIT#xm7<4&w7#KD&FzCJ%XJFXOz@Qr}!N9PE
zfkD?^l7V3>1A}f#00YA|1_oW<5C(?r3=FzG@(c_+7#MVCC_v~JN)Y<B286bjW?<OK
zz@Y0c#lWzOfkAhgG6TbI1_s@ast}sZ4?>HoF)-|5V9;Ic2cZ{*GBE6AV9+%ShtO@x
z3=I1i7<4<N7#Q|5Fz70WK<I@M3=9Vt7<4~KLg<?k3=9Vu7<7%LAoO!z2z|zvf#DDX
zgYE=h28P2747z<m5ZXwOf#C=PgYI@;2wlv>z;Kj-L6@BuLbpL_ZaxTqJ(Tw3hwv{!
zX=ecle?64mqsqW=jDbOSvmyh-aRvt6nNkc4CqVIJ&%kgJ6n+j245t_vbhkP%Fq{Ut
z#}Pbcq|4?6p{t!37|t><=yEwTFq~sx(9L&dU^vgfpu5|Nf#CuJgRX-Z1H(lI23>Ut
z2t5%>7fM3-=VTzXq%4F^fzmF@5Wcz!gnkF5Ez}@<7flGQrURjyq4ZP(2>%I`&M|`U
zf15z)iKY;m!2v?wgVKuwApE2V2+g3zz;KCyL04Rnf#EU(gYG9~2;Ha(p>zEp^zSeT
zt*FVsa0Qg#6d4$<g3_TP1H&~22Hmqz+CT-u{|==c)gb(Hnh-k2A3`7CVPLq<z@RHB
z1fe-KA+#@)z7D02t1vL!U|`TyP-bAb2?}372>nrkf#DV?{i{G|=1>TotIWV~n}I>s
zS`|Wr+BtU^7<3yn85ltH1XTuxy9^Avm3|O9OO=7)9w>kNLFh1528R0#47#3v5c*^o
z1H%JQd7{d|@DP;V{UCHkC<DVI1_s?GD18G;rzkTpJZ50ftyY21Mye26T$O?038-8V
zVqkd6z@U2<N+$|K_!BiDw09^2!!uC2g3^NF3=Gd17<5BD!CQ-U9TdRFmg@#PgU2j&
zHRTu>UNbQ0{_tU7c*DS;tE$1k@Ror=S6hUE;T;2m?sGW?hW88%x?WlkdZ!cv!v|3L
zqXVHg=tAgwP};-?!mp5JVED+uplc<|!0?HILHDx^1H)$q23;Rr28J&T47wH};4xBN
zuRsQdZww5&T7e7<-x(NmkB2ZY{9s_v{jb2l@RNZ-w?Gj>Z&HTP7oc>n3WTqw$iVQ6
zfkBs11wvnyV_^6VGG7ZqFL#E}3Jme_QRbj^%PFa4Sy>>SpJifcNq#(N6{fSHYk+x4
z37Cy0<znbsh9+bNS_zt*jUjFVG72JUoST^kwZ+gJvVJ-~H>or&zOXd4G}SaUx1gjF
zq7vB^MmSwTgab`;6SMM*z&<n0&CG)`i8CI_<wzP({Rs;nXCq996A^qM?dgdnsqpZG
z3m8Dn0||ga5Jd%80Hy*d!f*!_5q>c=D@iPf&&^LM%}I?fE=epZ39!u0%}<HX%uCA;
z07ti>DT<Q(0t^*?hK67ziFt|XsYTAPWP&OR3oAntSR#Nbhe;rLiHJZnGzM7-Us4Yb
zDRgmIfT1`Bp&HrYE-<x7E}<xJL&9JY3CcD;h6cImMe)fgsb$6GU;!fo*ANfapm?Vs
ze@7Q*$Ka57M;DhMu#{P5US>&Z3YcwNl9&!+80V%JfoMac+|=Co;*8Rgl>G8MNF14f
zgg|;S6LT`FQUkn`K`JdkqG?5`sR3o+++YdfgO^f+xv24GXa-sE9}f>yXlg_YQbPlT
zJ+37sAbb4Kl^A8F#V4ku#DiC3yJiJ=8=7UN<)xOyr=;eVR>Y^I7AHepfEta4AdM-h
zIWUb_4L1gvoS&BpQxt^7bgUXpGSlLdGg6bY<8w=MN-|voye&W*89<Bov8uO#g)zY(
zu}n|ROD#$)NsZ6R%*&2XElbTSamDIGBc#wHWUNJI8YIA61I*&Vg=Ro<09I2$D#4pE
zT(cmV7ClDbUcnxxmYHesX+?>-sYR{<aJvwp6X2a3Y#xs-j1ZX}H6r0fBYJi>Gyr9Q
zc<?p|*UZe!0F#2Ed~jm*!=V)7ugu(lWFi!o7iE^Dx@HC#muBW?LL7`%-k>DktN<KV
z8-iU~oSKuGT;iIU8Bm7Lokl77;A|Za+U!BdQ*gyasfj80U1|(7m#EN!t0pqQ;OdD8
zGZUCghzt=6L=ge1RZ23Gi(v^5JvuClOA<ly@dzy`u2^Hv98`SfCKh0q#Yo|37FmL0
zl!zFDC?ps=@Y(`B*&-?zG#9wQYC1zRXcY)AY0+{8a$>`!781+oxdNAJNE{<)3oI)0
z@=G$)D&vz1(%=P75+o)t6{BVl)ck=(HMk@L?Nv)nfh7b?RiG3JDv;wLe#^*(m1USp
z2^QtpwG^k8fV>x9l33uH72uW`U>+Y2u9#qj9yD!X>NbOI(TWFc(Mm}zbA{G?m`cr)
zb5axYN((THcTBYwaAV<V!8O3!&=3?1pn54jB?nq}`(a5n7NvP`{V->N+XGk>8yO%e
zMp%YRxk+Y9PAbl*!cyO0_zjYepcxKtiiW5J=QzA66jVz=Ht@mICywNasD3b<g~+#<
zQt*~5rW8EyV(G(x;=2eIR+#eUDXHMT4jvV$c@Pz_WC-yVrcsFM7K<DnCnCxuOnvZT
z3Dj5x^-BzmGK=FA^D042tjs*9tKpL7>8U00C7Gaom+^U}xk;%opTks`q*i2>py@*H
ziNMsErh@jvqA4^j&Ph!zaD`@kxKfyCB{*PU!kE1>kn_#T6SGrGG0cDm9ZWYojerC|
zohy`<0VH1_q(EKb<m~wLB53sklR>X`EJ{k^!Fv>uy$lyb^&X}$#D8#cR1YGAQGEy(
zhkFqr0!tHc5qR=Ph`>@kLIkQSBn+k31Pc3*FtnyVR1mGIgNkBgBZxRC>_9OE;lZtC
zh==z)8RB6zBvL;DSrDlik1P!DI-m;XmR6t&Kx!gnF-YqdSp-}OAq(W?=NBM)H5f8j
z?FQ=scX}|?LrOAaVN4OE`iddmKiI7(H5Ekrg8Og?R(wceIu;>N&kq#FpgIIZ=auI&
z#K*@cS0u(4loqANmt_`}lqTjdfU3kq@RoCi_@t`TqI?E$bGEn~<XbqqC^a{~ER`W1
zv{O63w1go(xwNP#HLoPTBm-1*GsLH)mZcTPg9eu3^YT+tVFECHsUX2JhIj}a5878;
z!VsUC2Cn8nL~3y{IzJw=p&BlnQe1+rGB33xH?cSyqy*H#1P4Q6Nh+KV^%uC7kB4j$
zhRH#AkZxphehy4H71Vo!anf=U)4|RH84e0iP?&%=fyd`$7K7ank^q&7P=}$2XQUM6
zq~^iQ0`FOeadL7%8o;3$pHx|r3b!P;q!gwmFEJPHk)l-4R%<vHlrm7<1`<HE4kQAx
z1!f*d1j+c~{Irr}xLiqMNqlBra#3n7C{i=wt_HQwktD!T4++iEyv!1Y_#8;F7!MA4
za4Q}m1`03;uc#bDK~Z@;iae+cj!&&f&M7U<1SK?(!A0fq;IbcX2$&b2lA4&3lbM$a
z7lw>OqUg>~X8`w^;}cV|pe)e&0#GJ2?7$<D5LdvNxiBR~sj0cp=mblqr<Opa(o;(^
zQi`A)a14VL<R(@iIC-fRB?Z|q9R=AS9r4AfC6Mz5pn4I)2#pA_qU5s7G?>bw)PmH!
z6etfAlgY)Ux$y<5MQQm(xv5AJV6VkPG6mRK#i=C-(~DC}KrTa=1L8s4nVOrNTfh*X
zo0^+kPzk1s!9E6uIYWG2VqSi6YI1&FN^yKietcq5aehu|Noq+ZD3OAC@$m(jDGc$T
z!XUmVF)t-Qmm$75HK!;wIlm|c%!HH_;N}vT52?o(;*0YNiZb&`(iq}F?Ow>>0F(_a
zg~8$=0_33L5=gEpE-A_byA)zBC{;ku+F*bdO7R8xIho0opkRj!6{V)77NzDTr!vHs
zX6DBir51x+U7DE>Dc+!NVqo}nkLLgbgYq>71_sdiXP~t?pksuX7#J8UKnGSaFfeKS
zy2k_JhcGaKR%wHjFn|uv0bQ>P(!<5TF#m%HBLj3L5m??eIX_nqRLGWOrWWaeHX&O?
zxmbFII!Bp=G2}>0S^jtJY**E*{NJVK@-fDXHEKRtFMD#$7o+0E!F473mk7CEe!6-6
zdB^>0U*5hp(edrewYjY?ul~Lf-DoYg;Un9boo$D1dR*iYKloFTYyaKlWv8A`4c`0e
zVB$%|{S$XS_PiA;`J%;5^>X|aVRzGHuhrqH;d-VUgqF`YK7Vr8h1jyQI%fO4=5QW9
z@i{d8(SzGt%@4h~An`)!!M11Tp1m=0K54iu%ypH|vL*Hh;!M;hy86tGV07!WW80<T
zv}(n%RR!zUoewtRWQbnl`12fZuh@B~q$4{SUg<Vey53#rlG?IR^_9lb(63hgw<D_N
z9852t(|B-ZKDXFKz3sE!D_H%#rf{9f|I@E~JfPK}ptJQrG$<TJe%%8H;T#6=)H?&{
z2qI8`3t)sL16U5U@(ZMf52~I^tIebBdvXdJ6G#*s4PbR3c@PgS&j?+U#lXM-Iu#2n
zS6rHum6}|l=N}5<f@7WwDasgr-Q#9tU{G9V(7?tCwuhIIooPXXK?4&bqanWmFB@k<
zn+IbmGYb<VD+973Mh1ojO?)K=O)M-1O-yeVFf%bSF>y##tz2<vnj#NKBh)xXZdL|^
zBtvckPB!LH7B*p~&|pJh13?gnOPI^Cpdcqz!80#e&rr=k1tiEVEDI5IPAw|QOv_A8
zEXmBzQ*bOT$;dCtEU7dUGY|o(V;1Ixs0+%^FHvxIG>{YLH8e6XGB7kUGBh$YjS}ZI
zGDqSXR2u3UXoGd~sJNt-rRL-pq!uZ7x+vhX2<9Lj0uF-th6mX<$o@5GVpKv75k^)9
z<|amd27@L>E~X|%MuyHZf41mZj_;N#Ycnm5zg}#Az;r`*3zt2cO8xSw_OJc<Ca>SZ
zcj1KH(_D$o@-I5w_h0Aac=A7NhNkHADRXz4F6KJB<-o&7313dV(X4RI%uL9R@0#>y
zp7JxRLrR+s{bhE2+GY~z^lrmSCT59=EZa6$=o!m5xbnK@@8*k&uD5!AgX20kpHc4b
zHnS%=tB(kF6||_Wn(uP)<Bnt1Q^aR`eCLi3+ogPTzNls0so29t@%#^h>K$I~Tf>nu
zHTtB~oTm+^<g;94a_o+5P?MK^Q@uWJL6)ui$_ODtdxbKMTv?e7hx`OH)w)k#yCB$f
z(vSaRSjmN(9NuXai&n2${^*iVd*n$bW=00a#f{4h8W$VLvN4Cs^0A1qh=hy3U3C6V
z&5VTt5B}_H*VXy-SUkjlA0#cz$oQXy)qt6i@xOsQNI;oI!a%G+MEgRf`;;=ye_yhD
z^&FOcclWL5h%?XwDUfGTH&8WDUZA)@zD+ixq@=(~Uq87hM=ueS{`8XbbM=ez^Go!S
zi*gM3K<fEHHn1==F}4{9u)%W}6B`Q?D+6*=a)YCik-^EbBzxhVV@vwYwR$$oa=Gl8
zs#Cuwa>ts)-|Q168ST8X-}+#HWtL0HqBqg<1y5Jq_0Ew|F4T>`cy#i<ceA?+Qk&+A
zJ(dy>@6=s!_AgIGgeQ+iz41GSD(Nj{Yqo9O?SFrT^xPAY)4jOE()AD7ZQFdL+3G`i
zZpjfn<-m8dmNMrjd|B$TobAx=s7LbhZmxAtrhioz*sh>dlwWk~SU~AfTh;#9#SAa!
zoAr2D_HVX+HK9Ro>a2t>73aS2aRu8g`sIH^Ze7dNUZXu>zMU^CBp$4p<+Q8HO}b@K
z=Q)uV9Ty|IzpV>9qQk1?x}N){_ev&ylQkX36GJ;)PO2BPziWEx_qD*FiDkDz6Z2w7
zIl#z-97e44D*z143`~qnjSNi;jLo9Nd5ujCj0`NHT)GrOgmU_mi7PqfC*GEG4|vV`
zHm<To_qExgaG%gO-IAU6etPG8WnZmi!1O}G?neOU<$A{zGk#t?l{QBuTkyi--A|;o
z4$DuSSH-i$y*v7fn7Q%kBmBPSL^3a)lq~uh%XhUte)cC-=3SxvzOlR?Q%sdby+tEs
zH&6NgZO**&0lN-H1f=(KY*F}rdX0`ke!(_-MuVR1&gc2(+J4sd)Q~#y@7&g%d^h7{
zuAR2sYPI$YKOe&+?v09KdL>tFcyA|(tzKL>$vrsq;Cg+>%|CuWE;##av5#w=yiaz(
zG{?>(B}v=@&5rHHU5y(JBHl!?81-aq?w7rnTKqpfE_ILRjk5X1BB=|@r<~M<<n$)S
zDuX7*GPJD5hMBn$g#p&AO)&2_F@h=@Sp}9RMh=4}Mizr6Mh0j_mz=`NXwdk{K#Pq-
zn~jl`m7R%EOb%2s6kF-*mzS3#6%F7*A~{jtpz$zVF_S^#HmSzVL8&>JiFwJX3i){o
zB^jB;3d!(VD^($>QXw&~QlTKRsH9RMvADQ2H?>$HF*!N4pah~PO`#+s6@>E?Kz3v%
zCnn{jg3bWTOGzwBQ7B0*$}Lt%%u7)KwOcbm^<c3=ej4a}F&z|(APq%`O1S-?TC)Ij
z9vAo|u9CzOaNnp{4=rmlgDRjHvzb1+72DtT%)axveD<fZOXUXs2jyFvTcu~(x|@Gm
zIoqL6=gP(jLO1q(DW3iAQVRd+N`I3Zi|l?@{LenY{-)NlxjR_lvc-{&`)B!cW&hXy
z6S<s~vqsz@Oi-@m^7d|JYxl)h^Hm<bzPP>MKELZj^-~{nE8afeDlWd_PMwnJDb=et
z`LAVPS)`&Y_<iA;{^G`jW75%_`ja;OaPjz%U@=ehtF2nPLYHyYciyJ+_g*j7{~4SW
zopK=Axcs{nyH42aTl|WAw{{gv`ft5yR)4TP^yc!JJB^%v-?&;huWn(`cImy7om7Oh
zj`PcI^PLlye8RgyJYZGV)mu;gT;OCk-%whrXwbyE(x8cDBBc1@5YH9}<&P`dg&b6%
zX3PLKAwaDg69Yp7OG6720|SF7ab81914BatDA%BIsiBmC1REFUB(=`TpL9|f8F`Qz
zdWNnB&XA^$4NB7o)PjPxu&flKQj79KGE<8b{2+(X6)X7oI4fu%nv0sSh8s7E*>VOl
zAhWr6M6sHH()1(P6x!Locg9KytFIMHce^`VJU=CE5xL_@#`z6Dx;xiI2Y>nZX12zO
z&YVr<-<5bLyu28YzH7o3HMgKYq1|i#v0Z+w{`a0DLz>2R#|z>+)86cRa``yZf6w;q
zk*(((t~2&YUJ>R`m|2kZl6z8G%_RO`FIrjG%DC$uelMD&d}YFy??!p0W^aGJuX`SB
z^8Sg`R;?3!y~j^hyWN`XIN{Q)%iq{~d6>7Sx8LOLN||!#Oi7BHcJJF*6|cg?J1rk4
zR&TtrRJL(}R$9;3@HPJyRylRet*QJQ|GQX6_L9Yibskc`BCp*#{MNZW<=x>VH$kbc
z>nyn$>-+PzA7S$1dZI4!OeXxwLpJuq&;pW)&7g^i$-n_t-Y_z<m>3ut7{K@jjBP5Q
z!pcftKR>y+0I9G7aScp#K_~E~7#Jcor@S`JWfg9FA1C4zRUmjS)lqe$c9sDTsIdcX
zPB9rUptPm1w!WGeK~W7ZPlXMd82JsF7`ai()4v9$FefrGifKZfh+3Q?6_JUsRy}&r
z$}=>JR+P3QdxL=(D0o#tZAl&jE?B@YGaCpa+LVmEAZbvu5?N3PCddm7US38}M+#h6
zduP5*h@HMyhe4u?g>zz(V(7Ds)aPo^B~!8rN-yPIkbda3k?%`M&Bk($Z~ettL23?N
ze;jUeU+Iyav*=8sLS?wWXvk#_mTQ5JCV8%lTfFsDbP&_U8!s8J&i$Wvp}e&-_|Io+
zQ^Dfm7hkvR-kBvUy-(=Dbg7AlKP}X;D^G3G+0E8{_JDZIQeAttoZ73B#`XM*oagb_
z&hPTPyWVO;z-yIN`@L?jFAKN+@w0fQ7)!{c8UNQ+NGI{N>3xZDx!A|@k9%71%|ELQ
z8=f#0?d*v6Q!a0wy4gN-9qU}l--314TnGM~Ik@~q%iqfvpGKa|Wtv!FesQW%eB#oh
zKmNt5diXtGddsj$=z~F%&>JR3MuW!I0qoZ?p;Qz|9pwd?1`_ai<7763<q=*+c18mk
zgbb@8zc{a<siC2vfswJXfstX9fj&Z(#ZZYw;l9)w2a6)5RSfgyR<VCkpL$4n+Fy=o
znT0o2ojlaByXPfx6~)NPz|zFXkmMT1Uo?58lDzi0u9qr7b!S-lmls&AJ@#MFaBj)`
ztJ7}?+5c1bl#I-cOxbv6+G5Y2HXN$2^R!Q~+1eP*D&DTycGJ%6OE}M|ov|GKVRxQt
z?|7PE&UGU0{eRBS?_av_*!+kg=BMt*D|NeefBdF6cXyUo#GARc8Cls3nybF@Okqp@
zp<H^BHzrPaZ~6bYcmBV6_U}Fxo)rK8+28k!$<FB^cco3ZUcTP2ukO^Wo!{@~2IVoh
z2wxAp+Hi*HK<aTRr|o<~9@n%E)cUAZ@h=w8Vc5I-xv%A>_&rC9CObUx>bbh;#<X8@
z0pF(0H)1>6Dt2i4h3fBrABY86Do9IlY+L$*Z8zh>CV>kEO#)}wxS>N3oB~XIhD`#y
z4VnbD!-JQdX+e{~3WFwrB}|OW;5v#`n~#}Eij~2j8c8Q3%Yq!1EQ1UtMn*PPEoK&0
zHUmRYm?OnDi-IZ_%d@Lln*Nnev-L8QUU@5?e0`?u)*Ojx-%Yp7Xqn2y#F4n;eEbT5
z!V?nwpp*CD5pEP^z|6$R$i&I8i))c<{>M%87Bul*Flb_BGH7Cc1#OK~r~G>}a|_dP
zkhM@Bfyx4d8bbqc=az+;M;%m=rz(VG=B5^xB<2>-VN3(mATc#GG%ztTGO{oN^|lO6
z4UG)Vpj-n-Ls<i9P`iMcM+D)n;LP;A)FK5Re?M4Tf{XlNlNa(VXWoS>NN?sU<2U8E
zj{Cph=gXj7-G6H*9azR1rn6}Cn$XE5FMl7ob>?~LiWNmI!T}0uKQ1nvdC#Dyt;1^h
z27@5R)qh)`ad0l`InTwzQ(gOH`R?%J|9cMB>UWjiVoz}kcX@mNqV{aVa~p&|&-)>F
z>vOSY!>((#i!@htp1;RDMMd)E`h%%I;+MTM31*yRci;G|kZa?Tc>#}S&l6}YlAjX8
zw0=gR@NCYvLQc{8Ni3@$iABHRN^_oYrNwmWAAYW!|9$(9Xr0eKnpB_rnP>Nr-@$@x
zbrz@6&F8wyp80#^T_Ed*k0<o<Gw1RNv#h(>5ahZ&>G9%BSCf5D54Ng*yz;*s+E!pZ
zXwbyC7pbNX(J+Z9=-(|8?&$6#aBl-!#s0t@cxrl+v#Ne)@0qt+ER0b5@$-@9y-zZe
z4VoCibs4DV#A?t4Drx^gvks)=^ua&_R-Z93ipgND=s|s&)a1lrQnwp}>T-D&9Rn=`
zjRk58RN9oFo<<!<0?jCZ^C0G663zwz2U^w!SMzhHU3qp`^vVa(_2xRi?nN%Gbf}V6
z?v3r{xM5&){eURXx+8CQTnL_|pmDr?8;>5-+SGpTRsOoSrgwk2^N+WRga6so%We<;
zD&_k5&04p7+i9!SYi+c%OzVxKWp2)CJ+oAO^^@ue%?2X#n(GfV<p~Au;tX5y%wSeX
z@sr!SfA1QY_ODv}U1{wJzQPM0vHMs34ES?w+qJZ>TQUPhpZ=+hR%nQL@8Zr~I3>A%
zF{`p{uK(ef3r~xFzrR!V@BQSimLm_%w`RO8-~P$4%yePX`!({84n___ulIPf=}i88
z=rU8sf{fZID|gY^Tn9p{UAR8JJ|M*Lf?-9LpJMi+V1`~Dn;(lE44PQj4VswVLrcM0
zpYY`QpFeCz3o5#d>VV2RBLfoyQ_ujji3wzA8NnUkl9<q#)8%rBh2Liiq{m#+o42E1
zIo<A$(<9DWuC5&te~KOS_a3<sa8&)oza1t83wVWX_Hy{mnw)QGersOp*Dc9kCY<oh
zja9g8`ImFo7pu?byfRZ*XSzMOWqKr4LhhK@Vxhz>dS5?u^7h=Z{l<1azfIML^N{oj
zzKV|CgGxJgDGJX%^{#8)-RkK7i(g(`+*tST|Fa&?C)Qj)1(p>V@76iu6;;G#8BlUp
zBd;>PZutt4^I@CAa+bdQaAe)jR|<U+$2CeGarkzsIaS7eOL*)WvG8}GXWS$&-<|KT
z6mPx7QvEn+{^`Y%v1_tt<ji~YrbO4p?m?m*yK9|EsoD&O*`@PN7`*k~U)~QXCecTi
zv6gxRJG#t?YjoM{(${;1!R#lMZ&b`q-Shcs^vfOf(#ppdo!_!j<K>UL1s#f(pKlw_
zIb7s?&DJS!`mVLIeUmPgb{~$N^YwJkovbXYyRSoP--={^zGgT1L~d0`{3qu=feU3Z
zvl)0~{Z84O{q^koA-kgOJMO(OStYt)T}=84o;9=OQa3;5H*hj}x$ZLK<>hysic4z(
zom*!m2;5nxeknWsq_J!M$r*ABX4U%&PJWpA|BbinXTMWQeBsxX*q<tGX@5EAvg_$Q
z`=@<7{<vL@Ik{mqt5vSK#^M!jsrjJ`Gdf-c*`54y<=HR$B~R2EwpwLhJN)#gQR4}t
zMII0P*cMAZ*?ijC`~HJ7e4EzKxY#^8x(u1(B9zldN0&kKNTZ|6qod1%YINDKiOJre
ziOCu~V9{YPp#3%`4tRHxlMUA6UC`KLAO&sS^D=TW8}g#`fbk7k7)2Q<BXqJDim`|U
zHq4c<{p{zuYegLsC-dr4o0j}^Hqb^gk%`Ap#z4wI!a$5gq?K*qrS-a&Qm1`=KY!To
ztG+Gi;|$~`9&}7Y=v6~ZDEkDx)$%VyHnh)Oe$m=FS-y?cxL)RHm5p1KQb$p7&xfP=
zEbndN))-xTc<`L$&l!rLb{j-*8TuPe_n&`t?S%8j>m8gr#YDW7V@(=Ls%+<-ESa%U
z-gU$OJpLTT@3+!-Up?O%YV5}Jq_R9!C}R1nKg^+uYiHlMx~W7`Iql5h-8_QM?Xnj2
z!oG~h^ZAN*y6M$V-Tu|5bDEQXrQ6fr%e8F2|2XvU?u=lgv?bMzSDPK!CU&O?FK<}w
zH*x+7??v@8kE$cy3EY@BeLZ(mU1?h3#gqKzFGQA^e`HKQ9mgpj_v_JZRZY&7+rqm&
go_8s16t7?Zro7!>^K3|Q;ggMB;ME(W#DIkW0A}r=tpET3

literal 0
HcmV?d00001

diff --git a/ext/bin/tap-mac/tap.kext/Contents/_CodeSignature/CodeResources b/ext/bin/tap-mac/tap.kext/Contents/_CodeSignature/CodeResources
new file mode 100644
index 000000000..0710b4008
--- /dev/null
+++ b/ext/bin/tap-mac/tap.kext/Contents/_CodeSignature/CodeResources
@@ -0,0 +1,105 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>files</key>
+	<dict/>
+	<key>files2</key>
+	<dict/>
+	<key>rules</key>
+	<dict>
+		<key>^Resources/</key>
+		<true/>
+		<key>^Resources/.*\.lproj/</key>
+		<dict>
+			<key>optional</key>
+			<true/>
+			<key>weight</key>
+			<real>1000</real>
+		</dict>
+		<key>^Resources/.*\.lproj/locversion.plist$</key>
+		<dict>
+			<key>omit</key>
+			<true/>
+			<key>weight</key>
+			<real>1100</real>
+		</dict>
+		<key>^version.plist$</key>
+		<true/>
+	</dict>
+	<key>rules2</key>
+	<dict>
+		<key>.*\.dSYM($|/)</key>
+		<dict>
+			<key>weight</key>
+			<real>11</real>
+		</dict>
+		<key>^(.*/)?\.DS_Store$</key>
+		<dict>
+			<key>omit</key>
+			<true/>
+			<key>weight</key>
+			<real>2000</real>
+		</dict>
+		<key>^(Frameworks|SharedFrameworks|PlugIns|Plug-ins|XPCServices|Helpers|MacOS|Library/(Automator|Spotlight|LoginItems))/</key>
+		<dict>
+			<key>nested</key>
+			<true/>
+			<key>weight</key>
+			<real>10</real>
+		</dict>
+		<key>^.*</key>
+		<true/>
+		<key>^Info\.plist$</key>
+		<dict>
+			<key>omit</key>
+			<true/>
+			<key>weight</key>
+			<real>20</real>
+		</dict>
+		<key>^PkgInfo$</key>
+		<dict>
+			<key>omit</key>
+			<true/>
+			<key>weight</key>
+			<real>20</real>
+		</dict>
+		<key>^Resources/</key>
+		<dict>
+			<key>weight</key>
+			<real>20</real>
+		</dict>
+		<key>^Resources/.*\.lproj/</key>
+		<dict>
+			<key>optional</key>
+			<true/>
+			<key>weight</key>
+			<real>1000</real>
+		</dict>
+		<key>^Resources/.*\.lproj/locversion.plist$</key>
+		<dict>
+			<key>omit</key>
+			<true/>
+			<key>weight</key>
+			<real>1100</real>
+		</dict>
+		<key>^[^/]+$</key>
+		<dict>
+			<key>nested</key>
+			<true/>
+			<key>weight</key>
+			<real>10</real>
+		</dict>
+		<key>^embedded\.provisionprofile$</key>
+		<dict>
+			<key>weight</key>
+			<real>20</real>
+		</dict>
+		<key>^version\.plist$</key>
+		<dict>
+			<key>weight</key>
+			<real>20</real>
+		</dict>
+	</dict>
+</dict>
+</plist>
diff --git a/ext/installfiles/mac/ZeroTier One.pkgproj b/ext/installfiles/mac/ZeroTier One.pkgproj
index afda65546..d962e96dd 100755
--- a/ext/installfiles/mac/ZeroTier One.pkgproj	
+++ b/ext/installfiles/mac/ZeroTier One.pkgproj	
@@ -2,670 +2,731 @@
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <plist version="1.0">
 <dict>
+	<key>PACKAGES</key>
+	<array>
+		<dict>
+			<key>MUST-CLOSE-APPLICATION-ITEMS</key>
+			<array/>
+			<key>MUST-CLOSE-APPLICATIONS</key>
+			<false/>
+			<key>PACKAGE_FILES</key>
+			<dict>
+				<key>DEFAULT_INSTALL_LOCATION</key>
+				<string>/</string>
+				<key>HIERARCHY</key>
+				<dict>
+					<key>CHILDREN</key>
+					<array>
+						<dict>
+							<key>CHILDREN</key>
+							<array>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>80</integer>
+									<key>PATH</key>
+									<string>Utilities</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>80</integer>
+									<key>PATH</key>
+									<string>../../../macui/build/Release/ZeroTier One.app</string>
+									<key>PATH_TYPE</key>
+									<integer>1</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>3</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+							</array>
+							<key>GID</key>
+							<integer>80</integer>
+							<key>PATH</key>
+							<string>Applications</string>
+							<key>PATH_TYPE</key>
+							<integer>0</integer>
+							<key>PERMISSIONS</key>
+							<integer>509</integer>
+							<key>TYPE</key>
+							<integer>1</integer>
+							<key>UID</key>
+							<integer>0</integer>
+						</dict>
+						<dict>
+							<key>CHILDREN</key>
+							<array>
+								<dict>
+									<key>CHILDREN</key>
+									<array>
+										<dict>
+											<key>CHILDREN</key>
+											<array>
+												<dict>
+													<key>CHILDREN</key>
+													<array>
+														<dict>
+															<key>CHILDREN</key>
+															<array/>
+															<key>GID</key>
+															<integer>0</integer>
+															<key>PATH</key>
+															<string>get-proxy-settings.sh</string>
+															<key>PATH_TYPE</key>
+															<integer>1</integer>
+															<key>PERMISSIONS</key>
+															<integer>493</integer>
+															<key>TYPE</key>
+															<integer>3</integer>
+															<key>UID</key>
+															<integer>0</integer>
+														</dict>
+														<dict>
+															<key>CHILDREN</key>
+															<array/>
+															<key>GID</key>
+															<integer>0</integer>
+															<key>PATH</key>
+															<string>launch.sh</string>
+															<key>PATH_TYPE</key>
+															<integer>1</integer>
+															<key>PERMISSIONS</key>
+															<integer>493</integer>
+															<key>TYPE</key>
+															<integer>3</integer>
+															<key>UID</key>
+															<integer>0</integer>
+														</dict>
+														<dict>
+															<key>CHILDREN</key>
+															<array/>
+															<key>GID</key>
+															<integer>80</integer>
+															<key>PATH</key>
+															<string>../../../MacEthernetTapAgent</string>
+															<key>PATH_TYPE</key>
+															<integer>1</integer>
+															<key>PERMISSIONS</key>
+															<integer>493</integer>
+															<key>TYPE</key>
+															<integer>3</integer>
+															<key>UID</key>
+															<integer>0</integer>
+														</dict>
+														<dict>
+															<key>BUNDLE_CAN_DOWNGRADE</key>
+															<false/>
+															<key>BUNDLE_POSTINSTALL_PATH</key>
+															<dict>
+																<key>PATH_TYPE</key>
+																<integer>0</integer>
+															</dict>
+															<key>BUNDLE_PREINSTALL_PATH</key>
+															<dict>
+																<key>PATH_TYPE</key>
+																<integer>0</integer>
+															</dict>
+															<key>CHILDREN</key>
+															<array/>
+															<key>GID</key>
+															<integer>0</integer>
+															<key>PATH</key>
+															<string>../../bin/tap-mac/tap.kext</string>
+															<key>PATH_TYPE</key>
+															<integer>1</integer>
+															<key>PERMISSIONS</key>
+															<integer>493</integer>
+															<key>TYPE</key>
+															<integer>3</integer>
+															<key>UID</key>
+															<integer>0</integer>
+														</dict>
+														<dict>
+															<key>CHILDREN</key>
+															<array/>
+															<key>GID</key>
+															<integer>0</integer>
+															<key>PATH</key>
+															<string>uninstall.sh</string>
+															<key>PATH_TYPE</key>
+															<integer>1</integer>
+															<key>PERMISSIONS</key>
+															<integer>493</integer>
+															<key>TYPE</key>
+															<integer>3</integer>
+															<key>UID</key>
+															<integer>0</integer>
+														</dict>
+														<dict>
+															<key>CHILDREN</key>
+															<array/>
+															<key>GID</key>
+															<integer>0</integer>
+															<key>PATH</key>
+															<string>../../../zerotier-one</string>
+															<key>PATH_TYPE</key>
+															<integer>1</integer>
+															<key>PERMISSIONS</key>
+															<integer>493</integer>
+															<key>TYPE</key>
+															<integer>3</integer>
+															<key>UID</key>
+															<integer>0</integer>
+														</dict>
+													</array>
+													<key>GID</key>
+													<integer>80</integer>
+													<key>PATH</key>
+													<string>One</string>
+													<key>PATH_TYPE</key>
+													<integer>0</integer>
+													<key>PERMISSIONS</key>
+													<integer>493</integer>
+													<key>TYPE</key>
+													<integer>2</integer>
+													<key>UID</key>
+													<integer>0</integer>
+												</dict>
+											</array>
+											<key>GID</key>
+											<integer>80</integer>
+											<key>PATH</key>
+											<string>ZeroTier</string>
+											<key>PATH_TYPE</key>
+											<integer>0</integer>
+											<key>PERMISSIONS</key>
+											<integer>493</integer>
+											<key>TYPE</key>
+											<integer>2</integer>
+											<key>UID</key>
+											<integer>0</integer>
+										</dict>
+									</array>
+									<key>GID</key>
+									<integer>80</integer>
+									<key>PATH</key>
+									<string>Application Support</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Automator</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Documentation</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Filesystems</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Frameworks</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Input Methods</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Internet Plug-Ins</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>LaunchAgents</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array>
+										<dict>
+											<key>CHILDREN</key>
+											<array/>
+											<key>GID</key>
+											<integer>0</integer>
+											<key>PATH</key>
+											<string>com.zerotier.one.plist</string>
+											<key>PATH_TYPE</key>
+											<integer>1</integer>
+											<key>PERMISSIONS</key>
+											<integer>420</integer>
+											<key>TYPE</key>
+											<integer>3</integer>
+											<key>UID</key>
+											<integer>0</integer>
+										</dict>
+									</array>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>LaunchDaemons</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>PreferencePanes</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Preferences</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>80</integer>
+									<key>PATH</key>
+									<string>Printers</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>PrivilegedHelperTools</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>1005</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>QuickLook</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>QuickTime</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Screen Savers</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Scripts</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Services</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Widgets</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Extensions</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+							</array>
+							<key>GID</key>
+							<integer>0</integer>
+							<key>PATH</key>
+							<string>Library</string>
+							<key>PATH_TYPE</key>
+							<integer>0</integer>
+							<key>PERMISSIONS</key>
+							<integer>493</integer>
+							<key>TYPE</key>
+							<integer>1</integer>
+							<key>UID</key>
+							<integer>0</integer>
+						</dict>
+						<dict>
+							<key>CHILDREN</key>
+							<array>
+								<dict>
+									<key>CHILDREN</key>
+									<array>
+										<dict>
+											<key>CHILDREN</key>
+											<array/>
+											<key>GID</key>
+											<integer>0</integer>
+											<key>PATH</key>
+											<string>Extensions</string>
+											<key>PATH_TYPE</key>
+											<integer>0</integer>
+											<key>PERMISSIONS</key>
+											<integer>493</integer>
+											<key>TYPE</key>
+											<integer>1</integer>
+											<key>UID</key>
+											<integer>0</integer>
+										</dict>
+									</array>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Library</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>493</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+							</array>
+							<key>GID</key>
+							<integer>0</integer>
+							<key>PATH</key>
+							<string>System</string>
+							<key>PATH_TYPE</key>
+							<integer>0</integer>
+							<key>PERMISSIONS</key>
+							<integer>493</integer>
+							<key>TYPE</key>
+							<integer>1</integer>
+							<key>UID</key>
+							<integer>0</integer>
+						</dict>
+						<dict>
+							<key>CHILDREN</key>
+							<array>
+								<dict>
+									<key>CHILDREN</key>
+									<array/>
+									<key>GID</key>
+									<integer>0</integer>
+									<key>PATH</key>
+									<string>Shared</string>
+									<key>PATH_TYPE</key>
+									<integer>0</integer>
+									<key>PERMISSIONS</key>
+									<integer>1023</integer>
+									<key>TYPE</key>
+									<integer>1</integer>
+									<key>UID</key>
+									<integer>0</integer>
+								</dict>
+							</array>
+							<key>GID</key>
+							<integer>80</integer>
+							<key>PATH</key>
+							<string>Users</string>
+							<key>PATH_TYPE</key>
+							<integer>0</integer>
+							<key>PERMISSIONS</key>
+							<integer>493</integer>
+							<key>TYPE</key>
+							<integer>1</integer>
+							<key>UID</key>
+							<integer>0</integer>
+						</dict>
+					</array>
+					<key>GID</key>
+					<integer>0</integer>
+					<key>PATH</key>
+					<string>/</string>
+					<key>PATH_TYPE</key>
+					<integer>0</integer>
+					<key>PERMISSIONS</key>
+					<integer>493</integer>
+					<key>TYPE</key>
+					<integer>1</integer>
+					<key>UID</key>
+					<integer>0</integer>
+				</dict>
+				<key>PAYLOAD_TYPE</key>
+				<integer>0</integer>
+				<key>PRESERVE_EXTENDED_ATTRIBUTES</key>
+				<false/>
+				<key>SHOW_INVISIBLE</key>
+				<false/>
+				<key>SPLIT_FORKS</key>
+				<true/>
+				<key>TREAT_MISSING_FILES_AS_WARNING</key>
+				<false/>
+				<key>VERSION</key>
+				<integer>5</integer>
+			</dict>
+			<key>PACKAGE_SCRIPTS</key>
+			<dict>
+				<key>POSTINSTALL_PATH</key>
+				<dict>
+					<key>PATH</key>
+					<string>postinst.sh</string>
+					<key>PATH_TYPE</key>
+					<integer>1</integer>
+				</dict>
+				<key>PREINSTALL_PATH</key>
+				<dict>
+					<key>PATH</key>
+					<string>preinst.sh</string>
+					<key>PATH_TYPE</key>
+					<integer>1</integer>
+				</dict>
+				<key>RESOURCES</key>
+				<array/>
+			</dict>
+			<key>PACKAGE_SETTINGS</key>
+			<dict>
+				<key>AUTHENTICATION</key>
+				<integer>1</integer>
+				<key>CONCLUSION_ACTION</key>
+				<integer>0</integer>
+				<key>FOLLOW_SYMBOLIC_LINKS</key>
+				<false/>
+				<key>IDENTIFIER</key>
+				<string>com.zerotier.pkg.ZeroTierOne</string>
+				<key>LOCATION</key>
+				<integer>0</integer>
+				<key>NAME</key>
+				<string>ZeroTier One</string>
+				<key>OVERWRITE_PERMISSIONS</key>
+				<false/>
+				<key>PAYLOAD_SIZE</key>
+				<integer>-1</integer>
+				<key>REFERENCE_PATH</key>
+				<string></string>
+				<key>RELOCATABLE</key>
+				<false/>
+				<key>USE_HFS+_COMPRESSION</key>
+				<false/>
+				<key>VERSION</key>
+				<string>1.4.2</string>
+			</dict>
+			<key>TYPE</key>
+			<integer>0</integer>
+			<key>UUID</key>
+			<string>1B6AFC3A-9EA5-4401-83D4-37F06CD13CD6</string>
+		</dict>
+	</array>
 	<key>PROJECT</key>
 	<dict>
-		<key>PACKAGE_FILES</key>
-		<dict>
-			<key>DEFAULT_INSTALL_LOCATION</key>
-			<string>/</string>
-			<key>HIERARCHY</key>
-			<dict>
-				<key>CHILDREN</key>
-				<array>
-					<dict>
-						<key>CHILDREN</key>
-						<array>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>80</integer>
-								<key>PATH</key>
-								<string>Utilities</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>80</integer>
-								<key>PATH</key>
-								<string>../../../macui/build/Release/ZeroTier One.app</string>
-								<key>PATH_TYPE</key>
-								<integer>1</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>3</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-						</array>
-						<key>GID</key>
-						<integer>80</integer>
-						<key>PATH</key>
-						<string>Applications</string>
-						<key>PATH_TYPE</key>
-						<integer>0</integer>
-						<key>PERMISSIONS</key>
-						<integer>509</integer>
-						<key>TYPE</key>
-						<integer>1</integer>
-						<key>UID</key>
-						<integer>0</integer>
-					</dict>
-					<dict>
-						<key>CHILDREN</key>
-						<array>
-							<dict>
-								<key>CHILDREN</key>
-								<array>
-									<dict>
-										<key>CHILDREN</key>
-										<array>
-											<dict>
-												<key>CHILDREN</key>
-												<array>
-													<dict>
-														<key>CHILDREN</key>
-														<array/>
-														<key>GID</key>
-														<integer>0</integer>
-														<key>PATH</key>
-														<string>get-proxy-settings.sh</string>
-														<key>PATH_TYPE</key>
-														<integer>1</integer>
-														<key>PERMISSIONS</key>
-														<integer>493</integer>
-														<key>TYPE</key>
-														<integer>3</integer>
-														<key>UID</key>
-														<integer>0</integer>
-													</dict>
-													<dict>
-														<key>CHILDREN</key>
-														<array/>
-														<key>GID</key>
-														<integer>0</integer>
-														<key>PATH</key>
-														<string>launch.sh</string>
-														<key>PATH_TYPE</key>
-														<integer>1</integer>
-														<key>PERMISSIONS</key>
-														<integer>493</integer>
-														<key>TYPE</key>
-														<integer>3</integer>
-														<key>UID</key>
-														<integer>0</integer>
-													</dict>
-													<dict>
-														<key>CHILDREN</key>
-														<array/>
-														<key>GID</key>
-														<integer>80</integer>
-														<key>PATH</key>
-														<string>../../../MacEthernetTapAgent</string>
-														<key>PATH_TYPE</key>
-														<integer>1</integer>
-														<key>PERMISSIONS</key>
-														<integer>493</integer>
-														<key>TYPE</key>
-														<integer>3</integer>
-														<key>UID</key>
-														<integer>0</integer>
-													</dict>
-													<dict>
-														<key>CHILDREN</key>
-														<array/>
-														<key>GID</key>
-														<integer>0</integer>
-														<key>PATH</key>
-														<string>uninstall.sh</string>
-														<key>PATH_TYPE</key>
-														<integer>1</integer>
-														<key>PERMISSIONS</key>
-														<integer>493</integer>
-														<key>TYPE</key>
-														<integer>3</integer>
-														<key>UID</key>
-														<integer>0</integer>
-													</dict>
-													<dict>
-														<key>CHILDREN</key>
-														<array/>
-														<key>GID</key>
-														<integer>0</integer>
-														<key>PATH</key>
-														<string>../../../zerotier-one</string>
-														<key>PATH_TYPE</key>
-														<integer>1</integer>
-														<key>PERMISSIONS</key>
-														<integer>493</integer>
-														<key>TYPE</key>
-														<integer>3</integer>
-														<key>UID</key>
-														<integer>0</integer>
-													</dict>
-												</array>
-												<key>GID</key>
-												<integer>80</integer>
-												<key>PATH</key>
-												<string>One</string>
-												<key>PATH_TYPE</key>
-												<integer>0</integer>
-												<key>PERMISSIONS</key>
-												<integer>493</integer>
-												<key>TYPE</key>
-												<integer>2</integer>
-												<key>UID</key>
-												<integer>0</integer>
-											</dict>
-										</array>
-										<key>GID</key>
-										<integer>80</integer>
-										<key>PATH</key>
-										<string>ZeroTier</string>
-										<key>PATH_TYPE</key>
-										<integer>0</integer>
-										<key>PERMISSIONS</key>
-										<integer>493</integer>
-										<key>TYPE</key>
-										<integer>2</integer>
-										<key>UID</key>
-										<integer>0</integer>
-									</dict>
-								</array>
-								<key>GID</key>
-								<integer>80</integer>
-								<key>PATH</key>
-								<string>Application Support</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Automator</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Documentation</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Filesystems</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Frameworks</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Input Methods</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Internet Plug-Ins</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>LaunchAgents</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array>
-									<dict>
-										<key>CHILDREN</key>
-										<array/>
-										<key>GID</key>
-										<integer>0</integer>
-										<key>PATH</key>
-										<string>com.zerotier.one.plist</string>
-										<key>PATH_TYPE</key>
-										<integer>1</integer>
-										<key>PERMISSIONS</key>
-										<integer>420</integer>
-										<key>TYPE</key>
-										<integer>3</integer>
-										<key>UID</key>
-										<integer>0</integer>
-									</dict>
-								</array>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>LaunchDaemons</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>PreferencePanes</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Preferences</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>80</integer>
-								<key>PATH</key>
-								<string>Printers</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>PrivilegedHelperTools</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>QuickLook</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>QuickTime</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Screen Savers</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Scripts</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Services</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Widgets</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-						</array>
-						<key>GID</key>
-						<integer>0</integer>
-						<key>PATH</key>
-						<string>Library</string>
-						<key>PATH_TYPE</key>
-						<integer>0</integer>
-						<key>PERMISSIONS</key>
-						<integer>493</integer>
-						<key>TYPE</key>
-						<integer>1</integer>
-						<key>UID</key>
-						<integer>0</integer>
-					</dict>
-					<dict>
-						<key>CHILDREN</key>
-						<array>
-							<dict>
-								<key>CHILDREN</key>
-								<array>
-									<dict>
-										<key>CHILDREN</key>
-										<array/>
-										<key>GID</key>
-										<integer>0</integer>
-										<key>PATH</key>
-										<string>Extensions</string>
-										<key>PATH_TYPE</key>
-										<integer>0</integer>
-										<key>PERMISSIONS</key>
-										<integer>493</integer>
-										<key>TYPE</key>
-										<integer>1</integer>
-										<key>UID</key>
-										<integer>0</integer>
-									</dict>
-								</array>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Library</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>493</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-						</array>
-						<key>GID</key>
-						<integer>0</integer>
-						<key>PATH</key>
-						<string>System</string>
-						<key>PATH_TYPE</key>
-						<integer>0</integer>
-						<key>PERMISSIONS</key>
-						<integer>493</integer>
-						<key>TYPE</key>
-						<integer>1</integer>
-						<key>UID</key>
-						<integer>0</integer>
-					</dict>
-					<dict>
-						<key>CHILDREN</key>
-						<array>
-							<dict>
-								<key>CHILDREN</key>
-								<array/>
-								<key>GID</key>
-								<integer>0</integer>
-								<key>PATH</key>
-								<string>Shared</string>
-								<key>PATH_TYPE</key>
-								<integer>0</integer>
-								<key>PERMISSIONS</key>
-								<integer>1023</integer>
-								<key>TYPE</key>
-								<integer>1</integer>
-								<key>UID</key>
-								<integer>0</integer>
-							</dict>
-						</array>
-						<key>GID</key>
-						<integer>80</integer>
-						<key>PATH</key>
-						<string>Users</string>
-						<key>PATH_TYPE</key>
-						<integer>0</integer>
-						<key>PERMISSIONS</key>
-						<integer>493</integer>
-						<key>TYPE</key>
-						<integer>1</integer>
-						<key>UID</key>
-						<integer>0</integer>
-					</dict>
-				</array>
-				<key>GID</key>
-				<integer>0</integer>
-				<key>PATH</key>
-				<string>/</string>
-				<key>PATH_TYPE</key>
-				<integer>0</integer>
-				<key>PERMISSIONS</key>
-				<integer>493</integer>
-				<key>TYPE</key>
-				<integer>1</integer>
-				<key>UID</key>
-				<integer>0</integer>
-			</dict>
-			<key>PAYLOAD_TYPE</key>
-			<integer>0</integer>
-			<key>SHOW_INVISIBLE</key>
-			<false/>
-			<key>SPLIT_FORKS</key>
-			<true/>
-			<key>TREAT_MISSING_FILES_AS_WARNING</key>
-			<false/>
-			<key>VERSION</key>
-			<integer>3</integer>
-		</dict>
-		<key>PACKAGE_SCRIPTS</key>
-		<dict>
-			<key>POSTINSTALL_PATH</key>
-			<dict>
-				<key>PATH</key>
-				<string>postinst.sh</string>
-				<key>PATH_TYPE</key>
-				<integer>1</integer>
-			</dict>
-			<key>PREINSTALL_PATH</key>
-			<dict>
-				<key>PATH</key>
-				<string>preinst.sh</string>
-				<key>PATH_TYPE</key>
-				<integer>1</integer>
-			</dict>
-			<key>RESOURCES</key>
-			<array/>
-		</dict>
-		<key>PACKAGE_SETTINGS</key>
-		<dict>
-			<key>AUTHENTICATION</key>
-			<integer>1</integer>
-			<key>CONCLUSION_ACTION</key>
-			<integer>0</integer>
-			<key>FOLLOW_SYMBOLIC_LINKS</key>
-			<false/>
-			<key>IDENTIFIER</key>
-			<string>com.zerotier.pkg.ZeroTierOne</string>
-			<key>LOCATION</key>
-			<integer>0</integer>
-			<key>NAME</key>
-			<string></string>
-			<key>OVERWRITE_PERMISSIONS</key>
-			<false/>
-			<key>PAYLOAD_SIZE</key>
-			<integer>-1</integer>
-			<key>RELOCATABLE</key>
-			<false/>
-			<key>USE_HFS+_COMPRESSION</key>
-			<false/>
-			<key>VERSION</key>
-			<string>1.4.2</string>
-		</dict>
 		<key>PROJECT_COMMENTS</key>
 		<dict>
 			<key>NOTES</key>
@@ -701,8 +762,139 @@
 			dG1sPgo=
 			</data>
 		</dict>
+		<key>PROJECT_PRESENTATION</key>
+		<dict>
+			<key>BACKGROUND</key>
+			<dict>
+				<key>APPAREANCES</key>
+				<dict>
+					<key>DARK_AQUA</key>
+					<dict/>
+					<key>LIGHT_AQUA</key>
+					<dict/>
+				</dict>
+				<key>SHARED_SETTINGS_FOR_ALL_APPAREANCES</key>
+				<true/>
+			</dict>
+			<key>INSTALLATION_STEPS</key>
+			<array>
+				<dict>
+					<key>ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS</key>
+					<string>ICPresentationViewIntroductionController</string>
+					<key>INSTALLER_PLUGIN</key>
+					<string>Introduction</string>
+					<key>LIST_TITLE_KEY</key>
+					<string>InstallerSectionTitle</string>
+				</dict>
+				<dict>
+					<key>ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS</key>
+					<string>ICPresentationViewReadMeController</string>
+					<key>INSTALLER_PLUGIN</key>
+					<string>ReadMe</string>
+					<key>LIST_TITLE_KEY</key>
+					<string>InstallerSectionTitle</string>
+				</dict>
+				<dict>
+					<key>ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS</key>
+					<string>ICPresentationViewLicenseController</string>
+					<key>INSTALLER_PLUGIN</key>
+					<string>License</string>
+					<key>LIST_TITLE_KEY</key>
+					<string>InstallerSectionTitle</string>
+				</dict>
+				<dict>
+					<key>ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS</key>
+					<string>ICPresentationViewDestinationSelectController</string>
+					<key>INSTALLER_PLUGIN</key>
+					<string>TargetSelect</string>
+					<key>LIST_TITLE_KEY</key>
+					<string>InstallerSectionTitle</string>
+				</dict>
+				<dict>
+					<key>ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS</key>
+					<string>ICPresentationViewInstallationTypeController</string>
+					<key>INSTALLER_PLUGIN</key>
+					<string>PackageSelection</string>
+					<key>LIST_TITLE_KEY</key>
+					<string>InstallerSectionTitle</string>
+				</dict>
+				<dict>
+					<key>ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS</key>
+					<string>ICPresentationViewInstallationController</string>
+					<key>INSTALLER_PLUGIN</key>
+					<string>Install</string>
+					<key>LIST_TITLE_KEY</key>
+					<string>InstallerSectionTitle</string>
+				</dict>
+				<dict>
+					<key>ICPRESENTATION_CHAPTER_VIEW_CONTROLLER_CLASS</key>
+					<string>ICPresentationViewSummaryController</string>
+					<key>INSTALLER_PLUGIN</key>
+					<string>Summary</string>
+					<key>LIST_TITLE_KEY</key>
+					<string>InstallerSectionTitle</string>
+				</dict>
+			</array>
+			<key>INTRODUCTION</key>
+			<dict>
+				<key>LOCALIZATIONS</key>
+				<array/>
+			</dict>
+			<key>LICENSE</key>
+			<dict>
+				<key>LOCALIZATIONS</key>
+				<array/>
+				<key>MODE</key>
+				<integer>0</integer>
+			</dict>
+			<key>README</key>
+			<dict>
+				<key>LOCALIZATIONS</key>
+				<array/>
+			</dict>
+			<key>TITLE</key>
+			<dict>
+				<key>LOCALIZATIONS</key>
+				<array/>
+			</dict>
+		</dict>
+		<key>PROJECT_REQUIREMENTS</key>
+		<dict>
+			<key>LIST</key>
+			<array>
+				<dict>
+					<key>BEHAVIOR</key>
+					<integer>3</integer>
+					<key>DICTIONARY</key>
+					<dict>
+						<key>IC_REQUIREMENT_OS_DISK_TYPE</key>
+						<integer>0</integer>
+						<key>IC_REQUIREMENT_OS_DISTRIBUTION_TYPE</key>
+						<integer>0</integer>
+						<key>IC_REQUIREMENT_OS_MINIMUM_VERSION</key>
+						<integer>100900</integer>
+					</dict>
+					<key>IC_REQUIREMENT_CHECK_TYPE</key>
+					<integer>1</integer>
+					<key>IDENTIFIER</key>
+					<string>fr.whitebox.Packages.requirement.os</string>
+					<key>MESSAGE</key>
+					<array/>
+					<key>NAME</key>
+					<string>Operating System</string>
+					<key>STATE</key>
+					<true/>
+				</dict>
+			</array>
+			<key>RESOURCES</key>
+			<array/>
+			<key>ROOT_VOLUME_ONLY</key>
+			<false/>
+		</dict>
 		<key>PROJECT_SETTINGS</key>
 		<dict>
+			<key>BUILD_FORMAT</key>
+			<integer>0</integer>
 			<key>BUILD_PATH</key>
 			<dict>
 				<key>PATH</key>
@@ -882,10 +1074,17 @@
 			<string>ZeroTier One</string>
 			<key>PAYLOAD_ONLY</key>
 			<false/>
+			<key>TREAT_MISSING_PRESENTATION_DOCUMENTS_AS_WARNING</key>
+			<false/>
 		</dict>
 	</dict>
+	<key>SHARED_GLOBAL_DATA</key>
+	<dict>
+		<key>IC_REQUIREMENT_JAVASCRIPT_SHARED_SOURCE_CODE</key>
+		<string></string>
+	</dict>
 	<key>TYPE</key>
-	<integer>1</integer>
+	<integer>0</integer>
 	<key>VERSION</key>
 	<integer>2</integer>
 </dict>
diff --git a/ext/installfiles/mac/postinst.sh b/ext/installfiles/mac/postinst.sh
index b4ea2ee23..95301a4e9 100755
--- a/ext/installfiles/mac/postinst.sh
+++ b/ext/installfiles/mac/postinst.sh
@@ -3,6 +3,7 @@
 export PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin
 
 OSX_RELEASE=`sw_vers -productVersion | cut -d . -f 1,2`
+DARWIN_MAJOR=`uname -r | cut -d . -f 1`
 
 launchctl unload /Library/LaunchDaemons/com.zerotier.one.plist >>/dev/null 2>&1
 sleep 0.5
@@ -43,9 +44,11 @@ rm -f zerotier-cli zerotier-idtool
 ln -sf "/Library/Application Support/ZeroTier/One/zerotier-one" zerotier-cli
 ln -sf "/Library/Application Support/ZeroTier/One/zerotier-one" zerotier-idtool
 
-cd "/Library/Application Support/ZeroTier/One"
-kextload -r . tap.kext >>/dev/null 2>&1 &
-disown %1
+if [ $DARWIN_MAJOR -le 16 ]; then
+	cd "/Library/Application Support/ZeroTier/One"
+	kextload -r . tap.kext >>/dev/null 2>&1 &
+	disown %1
+fi
 
 launchctl load /Library/LaunchDaemons/com.zerotier.one.plist >>/dev/null 2>&1
 
diff --git a/osdep/BSDEthernetTap.hpp b/osdep/BSDEthernetTap.hpp
index deefd5c74..5b1fe2dc8 100644
--- a/osdep/BSDEthernetTap.hpp
+++ b/osdep/BSDEthernetTap.hpp
@@ -38,10 +38,11 @@
 #include "../node/MulticastGroup.hpp"
 #include "../node/MAC.hpp"
 #include "Thread.hpp"
+#include "EthernetTap.hpp"
 
 namespace ZeroTier {
 
-class BSDEthernetTap
+class BSDEthernetTap : public EthernetTap
 {
 public:
 	BSDEthernetTap(
@@ -54,18 +55,18 @@ public:
 		void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
 		void *arg);
 
-	~BSDEthernetTap();
+	virtual ~BSDEthernetTap();
 
-	void setEnabled(bool en);
-	bool enabled() const;
-	bool addIp(const InetAddress &ip);
-	bool removeIp(const InetAddress &ip);
-	std::vector<InetAddress> ips() const;
-	void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
-	std::string deviceName() const;
-	void setFriendlyName(const char *friendlyName);
-	void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
-	void setMtu(unsigned int mtu);
+	virtual void setEnabled(bool en);
+	virtual bool enabled() const;
+	virtual bool addIp(const InetAddress &ip);
+	virtual bool removeIp(const InetAddress &ip);
+	virtual std::vector<InetAddress> ips() const;
+	virtual void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
+	virtual std::string deviceName() const;
+	virtual void setFriendlyName(const char *friendlyName);
+	virtual void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
+	virtual void setMtu(unsigned int mtu);
 
 	void threadMain()
 		throw();
diff --git a/osdep/EthernetTap.cpp b/osdep/EthernetTap.cpp
new file mode 100644
index 000000000..a10db55fe
--- /dev/null
+++ b/osdep/EthernetTap.cpp
@@ -0,0 +1,117 @@
+/*
+ * ZeroTier One - Network Virtualization Everywhere
+ * Copyright (C) 2011-2019  ZeroTier, Inc.  https://www.zerotier.com/
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * You can be released from the requirements of the license by purchasing
+ * a commercial license. Buying such a license is mandatory as soon as you
+ * develop commercial closed-source software that incorporates or links
+ * directly against ZeroTier software without disclosing the source code
+ * of your own application.
+ */
+
+#include "EthernetTap.hpp"
+#include "OSUtils.hpp"
+
+#include <stdlib.h>
+#include <string.h>
+
+#ifdef __APPLE__
+#include <errno.h>
+#include <sys/sysctl.h>
+#include "MacEthernetTap.hpp"
+#include "MacKextEthernetTap.hpp"
+#endif // __APPLE__
+
+#ifdef __LINUX__
+#include "LinuxEthernetTap.hpp"
+#endif // __LINUX__
+
+#ifdef __WINDOWS__
+#include "WindowsEthernetTap.hpp"
+#endif // __WINDOWS__
+
+#ifdef __FreeBSD__
+#include "BSDEthernetTap.hpp"
+#endif // __FreeBSD__
+
+#ifdef __NetBSD__
+#include "NetBSDEthernetTap.hpp"
+#endif // __NetBSD__
+
+#ifdef __OpenBSD__
+#include "BSDEthernetTap.hpp"
+#endif // __OpenBSD__
+
+namespace ZeroTier {
+
+std::shared_ptr<EthernetTap> EthernetTap::newInstance(
+	const char *tapDeviceType, // OS-specific, NULL for default
+	const char *homePath,
+	const MAC &mac,
+	unsigned int mtu,
+	unsigned int metric,
+	uint64_t nwid,
+	const char *friendlyName,
+	void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
+	void *arg)
+{
+#ifdef __APPLE__
+	char osrelease[256];
+	size_t size = sizeof(osrelease);
+	if (sysctlbyname("kern.osrelease",osrelease,&size,nullptr,0) == 0) {
+		char *dotAt = strchr(osrelease,'.');
+		if (dotAt) {
+			*dotAt = (char)0;
+			// The "feth" virtual Ethernet device type appeared in Darwin 17.x.x. Older versions
+			// (Sierra and earlier) must use the a kernel extension.
+			if (strtol(osrelease,(char **)0,10) < 17) {
+				return std::shared_ptr<EthernetTap>(new MacKextEthernetTap(homePath,mac,mtu,metric,nwid,friendlyName,handler,arg));
+			} else {
+				return std::shared_ptr<EthernetTap>(new MacEthernetTap(homePath,mac,mtu,metric,nwid,friendlyName,handler,arg));
+			}
+		}
+	}
+#endif // __APPLE__
+
+#ifdef __LINUX__
+	return std::shared_ptr<EthernetTap>(new LinuxEthernetTap(homePath,mac,mtu,metric,nwid,friendlyName,handler,arg));
+#endif // __LINUX__
+
+#ifdef __WINDOWS__
+	return std::shared_ptr<EthernetTap>(new WindowsEthernetTap(homePath,mac,mtu,metric,nwid,friendlyName,handler,arg));
+#endif // __WINDOWS__
+
+#ifdef __FreeBSD__
+	return std::shared_ptr<EthernetTap>(new BSDEthernetTap(homePath,mac,mtu,metric,nwid,friendlyName,handler,arg));
+#endif // __FreeBSD__
+
+#ifdef __NetBSD__
+	return std::shared_ptr<EthernetTap>(new NetBSDEthernetTap(homePath,mac,mtu,metric,nwid,friendlyName,handler,arg));
+#endif // __NetBSD__
+
+#ifdef __OpenBSD__
+	return std::shared_ptr<EthernetTap>(new BSDEthernetTap(homePath,mac,mtu,metric,nwid,friendlyName,handler,arg));
+#endif // __OpenBSD__
+
+	return std::shared_ptr<EthernetTap>();
+}
+
+EthernetTap::EthernetTap() {}
+EthernetTap::~EthernetTap() {}
+
+} // namespace ZeroTier
diff --git a/osdep/EthernetTap.hpp b/osdep/EthernetTap.hpp
new file mode 100644
index 000000000..fc8fc8482
--- /dev/null
+++ b/osdep/EthernetTap.hpp
@@ -0,0 +1,72 @@
+/*
+ * ZeroTier One - Network Virtualization Everywhere
+ * Copyright (C) 2011-2019  ZeroTier, Inc.  https://www.zerotier.com/
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * You can be released from the requirements of the license by purchasing
+ * a commercial license. Buying such a license is mandatory as soon as you
+ * develop commercial closed-source software that incorporates or links
+ * directly against ZeroTier software without disclosing the source code
+ * of your own application.
+ */
+
+#ifndef ZT_ETHERNETTAP_HPP
+#define ZT_ETHERNETTAP_HPP
+
+#include "../node/Constants.hpp"
+#include "../node/MAC.hpp"
+#include "../node/InetAddress.hpp"
+#include "../node/MulticastGroup.hpp"
+
+#include <string>
+#include <memory>
+#include <vector>
+
+namespace ZeroTier {
+
+class EthernetTap
+{
+public:
+	static std::shared_ptr<EthernetTap> newInstance(
+		const char *tapDeviceType, // OS-specific, NULL for default
+		const char *homePath,
+		const MAC &mac,
+		unsigned int mtu,
+		unsigned int metric,
+		uint64_t nwid,
+		const char *friendlyName,
+		void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
+		void *arg);
+
+	EthernetTap();
+	virtual ~EthernetTap();
+
+	virtual void setEnabled(bool en) = 0;
+	virtual bool enabled() const = 0;
+	virtual bool addIp(const InetAddress &ip) = 0;
+	virtual bool removeIp(const InetAddress &ip) = 0;
+	virtual std::vector<InetAddress> ips() const = 0;
+	virtual void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len) = 0;
+	virtual std::string deviceName() const = 0;
+	virtual void setFriendlyName(const char *friendlyName) = 0;
+	virtual void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed) = 0;
+	virtual void setMtu(unsigned int mtu) = 0;
+};
+
+} // namespace ZeroTier
+
+#endif
diff --git a/osdep/LinuxEthernetTap.cpp b/osdep/LinuxEthernetTap.cpp
index 2ea93dd1d..5ed49eef8 100644
--- a/osdep/LinuxEthernetTap.cpp
+++ b/osdep/LinuxEthernetTap.cpp
@@ -24,6 +24,17 @@
  * of your own application.
  */
 
+#include "../node/Constants.hpp"
+
+#ifdef __LINUX__
+
+#include "../node/Utils.hpp"
+#include "../node/Mutex.hpp"
+#include "../node/Dictionary.hpp"
+#include "OSUtils.hpp"
+#include "LinuxEthernetTap.hpp"
+#include "LinuxNetLink.hpp"
+
 #include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -50,14 +61,6 @@
 #include <utility>
 #include <string>
 
-#include "../node/Constants.hpp"
-#include "../node/Utils.hpp"
-#include "../node/Mutex.hpp"
-#include "../node/Dictionary.hpp"
-#include "OSUtils.hpp"
-#include "LinuxEthernetTap.hpp"
-#include "LinuxNetLink.hpp"
-
 // ff:ff:ff:ff:ff:ff with no ADI
 static const ZeroTier::MulticastGroup _blindWildcardMulticastGroup(ZeroTier::MAC(0xff),0);
 
@@ -519,3 +522,5 @@ void LinuxEthernetTap::threadMain()
 }
 
 } // namespace ZeroTier
+
+#endif // __LINUX__
diff --git a/osdep/LinuxEthernetTap.hpp b/osdep/LinuxEthernetTap.hpp
index 050bec343..1acecb4b6 100644
--- a/osdep/LinuxEthernetTap.hpp
+++ b/osdep/LinuxEthernetTap.hpp
@@ -33,16 +33,15 @@
 #include <string>
 #include <vector>
 #include <stdexcept>
+#include <atomic>
 
 #include "../node/MulticastGroup.hpp"
 #include "Thread.hpp"
+#include "EthernetTap.hpp"
 
 namespace ZeroTier {
 
-/**
- * Linux Ethernet tap using kernel tun/tap driver
- */
-class LinuxEthernetTap
+class LinuxEthernetTap : public EthernetTap
 {
 public:
 	LinuxEthernetTap(
@@ -55,21 +54,21 @@ public:
 		void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
 		void *arg);
 
-	~LinuxEthernetTap();
+	virtual ~LinuxEthernetTap();
 
-	void setEnabled(bool en);
-	bool enabled() const;
-	bool addIp(const InetAddress &ip);
+	virtual void setEnabled(bool en);
+	virtual bool enabled() const;
+	virtual bool addIp(const InetAddress &ip);
 #ifdef __SYNOLOGY__
 	bool addIpSyn(std::vector<InetAddress> ips);
 #endif
-	bool removeIp(const InetAddress &ip);
-	std::vector<InetAddress> ips() const;
-	void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
-	std::string deviceName() const;
-	void setFriendlyName(const char *friendlyName);
-	void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
-	void setMtu(unsigned int mtu);
+	virtual bool removeIp(const InetAddress &ip);
+	virtual std::vector<InetAddress> ips() const;
+	virtual void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
+	virtual std::string deviceName() const;
+	virtual void setFriendlyName(const char *friendlyName);
+	virtual void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
+	virtual void setMtu(unsigned int mtu);
 
 	void threadMain()
 		throw();
@@ -85,7 +84,7 @@ private:
 	unsigned int _mtu;
 	int _fd;
 	int _shutdownSignalPipe[2];
-	volatile bool _enabled;
+	std::atomic_bool _enabled;
 };
 
 } // namespace ZeroTier
diff --git a/osdep/MacEthernetTap.cpp b/osdep/MacEthernetTap.cpp
index a11a75e24..237df4704 100644
--- a/osdep/MacEthernetTap.cpp
+++ b/osdep/MacEthernetTap.cpp
@@ -24,6 +24,17 @@
  * of your own application.
  */
 
+#include "../node/Constants.hpp"
+
+#ifdef __APPLE__
+
+#include "../node/Utils.hpp"
+#include "../node/Mutex.hpp"
+#include "../node/Dictionary.hpp"
+#include "OSUtils.hpp"
+#include "MacEthernetTap.hpp"
+#include "MacEthernetTapAgent.h"
+
 #include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -57,14 +68,6 @@
 #include <set>
 #include <algorithm>
 
-#include "../node/Constants.hpp"
-#include "../node/Utils.hpp"
-#include "../node/Mutex.hpp"
-#include "../node/Dictionary.hpp"
-#include "OSUtils.hpp"
-#include "MacEthernetTap.hpp"
-#include "MacEthernetTapAgent.h"
-
 static const ZeroTier::MulticastGroup _blindWildcardMulticastGroup(ZeroTier::MAC(0xff),0);
 
 namespace ZeroTier {
@@ -463,3 +466,5 @@ void MacEthernetTap::threadMain()
 }
 
 } // namespace ZeroTier
+
+#endif // __APPLE__
diff --git a/osdep/MacEthernetTap.hpp b/osdep/MacEthernetTap.hpp
index fb5bc6dbb..2eef59be6 100644
--- a/osdep/MacEthernetTap.hpp
+++ b/osdep/MacEthernetTap.hpp
@@ -27,6 +27,14 @@
 #ifndef ZT_OSXETHERNETTAP_HPP
 #define ZT_OSXETHERNETTAP_HPP
 
+#include "../node/Constants.hpp"
+#include "../node/MAC.hpp"
+#include "../node/InetAddress.hpp"
+#include "../node/MulticastGroup.hpp"
+#include "../node/Mutex.hpp"
+#include "Thread.hpp"
+#include "EthernetTap.hpp"
+
 #include <stdio.h>
 #include <stdlib.h>
 
@@ -34,17 +42,9 @@
 #include <string>
 #include <vector>
 
-#include "../node/Constants.hpp"
-#include "../node/MAC.hpp"
-#include "../node/InetAddress.hpp"
-#include "../node/MulticastGroup.hpp"
-#include "../node/Mutex.hpp"
-
-#include "Thread.hpp"
-
 namespace ZeroTier {
 
-class MacEthernetTap
+class MacEthernetTap : public EthernetTap
 {
 public:
 	MacEthernetTap(
@@ -57,18 +57,18 @@ public:
 		void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
 		void *arg);
 
-	~MacEthernetTap();
+	virtual ~MacEthernetTap();
 
-	void setEnabled(bool en);
-	bool enabled() const;
-	bool addIp(const InetAddress &ip);
-	bool removeIp(const InetAddress &ip);
-	std::vector<InetAddress> ips() const;
-	void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
-	std::string deviceName() const;
-	void setFriendlyName(const char *friendlyName);
-	void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
-	void setMtu(unsigned int mtu);
+	virtual void setEnabled(bool en);
+	virtual bool enabled() const;
+	virtual bool addIp(const InetAddress &ip);
+	virtual bool removeIp(const InetAddress &ip);
+	virtual std::vector<InetAddress> ips() const;
+	virtual void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
+	virtual std::string deviceName() const;
+	virtual void setFriendlyName(const char *friendlyName);
+	virtual void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
+	virtual void setMtu(unsigned int mtu);
 
 	void threadMain()
 		throw();
diff --git a/osdep/MacKextEthernetTap.cpp b/osdep/MacKextEthernetTap.cpp
new file mode 100644
index 000000000..4f0520a65
--- /dev/null
+++ b/osdep/MacKextEthernetTap.cpp
@@ -0,0 +1,703 @@
+/*
+ * ZeroTier One - Network Virtualization Everywhere
+ * Copyright (C) 2011-2018  ZeroTier, Inc.  https://www.zerotier.com/
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * You can be released from the requirements of the license by purchasing
+ * a commercial license. Buying such a license is mandatory as soon as you
+ * develop commercial closed-source software that incorporates or links
+ * directly against ZeroTier software without disclosing the source code
+ * of your own application.
+ */
+
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+
+#include <unistd.h>
+#include <signal.h>
+
+#include <fcntl.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/ioctl.h>
+#include <sys/wait.h>
+#include <sys/select.h>
+#include <sys/cdefs.h>
+#include <sys/uio.h>
+#include <sys/param.h>
+#include <sys/ioctl.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <net/route.h>
+#include <net/if.h>
+#include <net/if_arp.h>
+#include <net/if_dl.h>
+#include <net/if_media.h>
+#include <sys/sysctl.h>
+#include <netinet6/in6_var.h>
+#include <netinet/in_var.h>
+#include <netinet/icmp6.h>
+
+// OSX compile fix... in6_var defines this in a struct which namespaces it for C++ ... why?!?
+struct prf_ra {
+	u_char onlink : 1;
+	u_char autonomous : 1;
+	u_char reserved : 6;
+} prf_ra;
+
+#include <netinet6/nd6.h>
+#include <ifaddrs.h>
+
+// These are KERNEL_PRIVATE... why?
+#ifndef SIOCAUTOCONF_START
+#define SIOCAUTOCONF_START _IOWR('i', 132, struct in6_ifreq)    /* accept rtadvd on this interface */
+#endif
+#ifndef SIOCAUTOCONF_STOP
+#define SIOCAUTOCONF_STOP _IOWR('i', 133, struct in6_ifreq)    /* stop accepting rtadv for this interface */
+#endif
+
+// --------------------------------------------------------------------------
+// --------------------------------------------------------------------------
+// This source is from:
+// http://www.opensource.apple.com/source/Libinfo/Libinfo-406.17/gen.subproj/getifmaddrs.c?txt
+// It's here because OSX 10.6 does not have this convenience function.
+
+#define	SALIGN	(sizeof(uint32_t) - 1)
+#define	SA_RLEN(sa)	((sa)->sa_len ? (((sa)->sa_len + SALIGN) & ~SALIGN) : \
+(SALIGN + 1))
+#define	MAX_SYSCTL_TRY	5
+#define	RTA_MASKS	(RTA_GATEWAY | RTA_IFP | RTA_IFA)
+
+/* FreeBSD uses NET_RT_IFMALIST and RTM_NEWMADDR from <sys/socket.h> */
+/* We can use NET_RT_IFLIST2 and RTM_NEWMADDR2 on Darwin */
+//#define DARWIN_COMPAT
+
+//#ifdef DARWIN_COMPAT
+#define GIM_SYSCTL_MIB NET_RT_IFLIST2
+#define GIM_RTM_ADDR RTM_NEWMADDR2
+//#else
+//#define GIM_SYSCTL_MIB NET_RT_IFMALIST
+//#define GIM_RTM_ADDR RTM_NEWMADDR
+//#endif
+
+// Not in 10.6 includes so use our own
+struct _intl_ifmaddrs {
+	struct _intl_ifmaddrs *ifma_next;
+	struct sockaddr *ifma_name;
+	struct sockaddr *ifma_addr;
+	struct sockaddr *ifma_lladdr;
+};
+
+static inline int _intl_getifmaddrs(struct _intl_ifmaddrs **pif)
+{
+	int icnt = 1;
+	int dcnt = 0;
+	int ntry = 0;
+	size_t len;
+	size_t needed;
+	int mib[6];
+	int i;
+	char *buf;
+	char *data;
+	char *next;
+	char *p;
+	struct ifma_msghdr2 *ifmam;
+	struct _intl_ifmaddrs *ifa, *ift;
+	struct rt_msghdr *rtm;
+	struct sockaddr *sa;
+
+	mib[0] = CTL_NET;
+	mib[1] = PF_ROUTE;
+	mib[2] = 0;             /* protocol */
+	mib[3] = 0;             /* wildcard address family */
+	mib[4] = GIM_SYSCTL_MIB;
+	mib[5] = 0;             /* no flags */
+	do {
+		if (sysctl(mib, 6, NULL, &needed, NULL, 0) < 0)
+			return (-1);
+		if ((buf = (char *)malloc(needed)) == NULL)
+			return (-1);
+		if (sysctl(mib, 6, buf, &needed, NULL, 0) < 0) {
+			if (errno != ENOMEM || ++ntry >= MAX_SYSCTL_TRY) {
+				free(buf);
+				return (-1);
+			}
+			free(buf);
+			buf = NULL;
+		}
+	} while (buf == NULL);
+
+	for (next = buf; next < buf + needed; next += rtm->rtm_msglen) {
+		rtm = (struct rt_msghdr *)(void *)next;
+		if (rtm->rtm_version != RTM_VERSION)
+			continue;
+		switch (rtm->rtm_type) {
+			case GIM_RTM_ADDR:
+				ifmam = (struct ifma_msghdr2 *)(void *)rtm;
+				if ((ifmam->ifmam_addrs & RTA_IFA) == 0)
+					break;
+				icnt++;
+				p = (char *)(ifmam + 1);
+				for (i = 0; i < RTAX_MAX; i++) {
+					if ((RTA_MASKS & ifmam->ifmam_addrs &
+						 (1 << i)) == 0)
+						continue;
+					sa = (struct sockaddr *)(void *)p;
+					len = SA_RLEN(sa);
+					dcnt += len;
+					p += len;
+				}
+				break;
+		}
+	}
+
+	data = (char *)malloc(sizeof(struct _intl_ifmaddrs) * icnt + dcnt);
+	if (data == NULL) {
+		free(buf);
+		return (-1);
+	}
+
+	ifa = (struct _intl_ifmaddrs *)(void *)data;
+	data += sizeof(struct _intl_ifmaddrs) * icnt;
+
+	memset(ifa, 0, sizeof(struct _intl_ifmaddrs) * icnt);
+	ift = ifa;
+
+	for (next = buf; next < buf + needed; next += rtm->rtm_msglen) {
+		rtm = (struct rt_msghdr *)(void *)next;
+		if (rtm->rtm_version != RTM_VERSION)
+			continue;
+
+		switch (rtm->rtm_type) {
+			case GIM_RTM_ADDR:
+				ifmam = (struct ifma_msghdr2 *)(void *)rtm;
+				if ((ifmam->ifmam_addrs & RTA_IFA) == 0)
+					break;
+
+				p = (char *)(ifmam + 1);
+				for (i = 0; i < RTAX_MAX; i++) {
+					if ((RTA_MASKS & ifmam->ifmam_addrs &
+						 (1 << i)) == 0)
+						continue;
+					sa = (struct sockaddr *)(void *)p;
+					len = SA_RLEN(sa);
+					switch (i) {
+						case RTAX_GATEWAY:
+							ift->ifma_lladdr =
+							(struct sockaddr *)(void *)data;
+							memcpy(data, p, len);
+							data += len;
+							break;
+
+						case RTAX_IFP:
+							ift->ifma_name =
+							(struct sockaddr *)(void *)data;
+							memcpy(data, p, len);
+							data += len;
+							break;
+
+						case RTAX_IFA:
+							ift->ifma_addr =
+							(struct sockaddr *)(void *)data;
+							memcpy(data, p, len);
+							data += len;
+							break;
+
+						default:
+							data += len;
+							break;
+					}
+					p += len;
+				}
+				ift->ifma_next = ift + 1;
+				ift = ift->ifma_next;
+				break;
+		}
+	}
+
+	free(buf);
+
+	if (ift > ifa) {
+		ift--;
+		ift->ifma_next = NULL;
+		*pif = ifa;
+	} else {
+		*pif = NULL;
+		free(ifa);
+	}
+	return (0);
+}
+
+static inline void _intl_freeifmaddrs(struct _intl_ifmaddrs *ifmp)
+{
+	free(ifmp);
+}
+
+// --------------------------------------------------------------------------
+// --------------------------------------------------------------------------
+
+#include <string>
+#include <map>
+#include <set>
+#include <algorithm>
+
+#include "../node/Constants.hpp"
+#include "../node/Utils.hpp"
+#include "../node/Mutex.hpp"
+#include "../node/Dictionary.hpp"
+#include "OSUtils.hpp"
+#include "MacKextEthernetTap.hpp"
+
+// ff:ff:ff:ff:ff:ff with no ADI
+static const ZeroTier::MulticastGroup _blindWildcardMulticastGroup(ZeroTier::MAC(0xff),0);
+
+static inline bool _setIpv6Stuff(const char *ifname,bool performNUD,bool acceptRouterAdverts)
+{
+	struct in6_ndireq nd;
+	struct in6_ifreq ifr;
+
+	int s = socket(AF_INET6,SOCK_DGRAM,0);
+	if (s <= 0)
+		return false;
+
+	memset(&nd,0,sizeof(nd));
+	strncpy(nd.ifname,ifname,sizeof(nd.ifname));
+
+	if (ioctl(s,SIOCGIFINFO_IN6,&nd)) {
+		close(s);
+		return false;
+	}
+
+	unsigned long oldFlags = (unsigned long)nd.ndi.flags;
+
+	if (performNUD)
+		nd.ndi.flags |= ND6_IFF_PERFORMNUD;
+	else nd.ndi.flags &= ~ND6_IFF_PERFORMNUD;
+
+	if (oldFlags != (unsigned long)nd.ndi.flags) {
+		if (ioctl(s,SIOCSIFINFO_FLAGS,&nd)) {
+			close(s);
+			return false;
+		}
+	}
+
+	memset(&ifr,0,sizeof(ifr));
+	strncpy(ifr.ifr_name,ifname,sizeof(ifr.ifr_name));
+	if (ioctl(s,acceptRouterAdverts ? SIOCAUTOCONF_START : SIOCAUTOCONF_STOP,&ifr)) {
+		close(s);
+		return false;
+	}
+
+	close(s);
+	return true;
+}
+
+namespace ZeroTier {
+
+static long globalTapsRunning = 0;
+static Mutex globalTapCreateLock;
+
+MacKextEthernetTap::MacKextEthernetTap(
+	const char *homePath,
+	const MAC &mac,
+	unsigned int mtu,
+	unsigned int metric,
+	uint64_t nwid,
+	const char *friendlyName,
+	void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *data,unsigned int len),
+	void *arg) :
+	_handler(handler),
+	_arg(arg),
+	_nwid(nwid),
+	_homePath(homePath),
+	_mtu(mtu),
+	_metric(metric),
+	_fd(0),
+	_enabled(true)
+{
+	char devpath[64],ethaddr[64],mtustr[32],metstr[32],nwids[32];
+	struct stat stattmp;
+
+	OSUtils::ztsnprintf(nwids,sizeof(nwids),"%.16llx",nwid);
+
+	Mutex::Lock _gl(globalTapCreateLock);
+
+	if (::stat("/dev/zt0",&stattmp)) {
+		long kextpid = (long)vfork();
+		if (kextpid == 0) {
+			::chdir(homePath);
+			OSUtils::redirectUnixOutputs("/dev/null",(const char *)0);
+			::execl("/sbin/kextload","/sbin/kextload","-q","-repository",homePath,"tap.kext",(const char *)0);
+			::_exit(-1);
+		} else if (kextpid > 0) {
+			int exitcode = -1;
+			::waitpid(kextpid,&exitcode,0);
+		}
+		::usleep(500); // give tap device driver time to start up and try again
+		if (::stat("/dev/zt0",&stattmp))
+			throw std::runtime_error("/dev/zt# tap devices do not exist and cannot load tap.kext");
+	}
+
+	// Try to reopen the last device we had, if we had one and it's still unused.
+	std::map<std::string,std::string> globalDeviceMap;
+	FILE *devmapf = fopen((_homePath + ZT_PATH_SEPARATOR_S + "devicemap").c_str(),"r");
+	if (devmapf) {
+		char buf[256];
+		while (fgets(buf,sizeof(buf),devmapf)) {
+			char *x = (char *)0;
+			char *y = (char *)0;
+			char *saveptr = (char *)0;
+			for(char *f=Utils::stok(buf,"\r\n=",&saveptr);(f);f=Utils::stok((char *)0,"\r\n=",&saveptr)) {
+				if (!x) x = f;
+				else if (!y) y = f;
+				else break;
+			}
+			if ((x)&&(y)&&(x[0])&&(y[0]))
+				globalDeviceMap[x] = y;
+		}
+		fclose(devmapf);
+	}
+	bool recalledDevice = false;
+	std::map<std::string,std::string>::const_iterator gdmEntry = globalDeviceMap.find(nwids);
+	if (gdmEntry != globalDeviceMap.end()) {
+		std::string devpath("/dev/"); devpath.append(gdmEntry->second);
+		if (stat(devpath.c_str(),&stattmp) == 0) {
+			_fd = ::open(devpath.c_str(),O_RDWR);
+			if (_fd > 0) {
+				_dev = gdmEntry->second;
+				recalledDevice = true;
+			}
+		}
+	}
+
+	// Open the first unused tap device if we didn't recall a previous one.
+	if (!recalledDevice) {
+		for(int i=0;i<64;++i) {
+			OSUtils::ztsnprintf(devpath,sizeof(devpath),"/dev/zt%d",i);
+			if (stat(devpath,&stattmp))
+				throw std::runtime_error("no more TAP devices available");
+			_fd = ::open(devpath,O_RDWR);
+			if (_fd > 0) {
+				char foo[16];
+				OSUtils::ztsnprintf(foo,sizeof(foo),"zt%d",i);
+				_dev = foo;
+				break;
+			}
+		}
+	}
+
+	if (_fd <= 0)
+		throw std::runtime_error("unable to open TAP device or no more devices available");
+
+	if (fcntl(_fd,F_SETFL,fcntl(_fd,F_GETFL) & ~O_NONBLOCK) == -1) {
+		::close(_fd);
+		throw std::runtime_error("unable to set flags on file descriptor for TAP device");
+	}
+
+	// Configure MAC address and MTU, bring interface up
+	OSUtils::ztsnprintf(ethaddr,sizeof(ethaddr),"%.2x:%.2x:%.2x:%.2x:%.2x:%.2x",(int)mac[0],(int)mac[1],(int)mac[2],(int)mac[3],(int)mac[4],(int)mac[5]);
+	OSUtils::ztsnprintf(mtustr,sizeof(mtustr),"%u",_mtu);
+	OSUtils::ztsnprintf(metstr,sizeof(metstr),"%u",_metric);
+	long cpid = (long)vfork();
+	if (cpid == 0) {
+		::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"lladdr",ethaddr,"mtu",mtustr,"metric",metstr,"up",(const char *)0);
+		::_exit(-1);
+	} else if (cpid > 0) {
+		int exitcode = -1;
+		::waitpid(cpid,&exitcode,0);
+		if (exitcode) {
+			::close(_fd);
+			throw std::runtime_error("ifconfig failure setting link-layer address and activating tap interface");
+		}
+	}
+
+	_setIpv6Stuff(_dev.c_str(),true,false);
+
+	// Set close-on-exec so that devices cannot persist if we fork/exec for update
+	fcntl(_fd,F_SETFD,fcntl(_fd,F_GETFD) | FD_CLOEXEC);
+
+	::pipe(_shutdownSignalPipe);
+
+	++globalTapsRunning;
+
+	globalDeviceMap[nwids] = _dev;
+	devmapf = fopen((_homePath + ZT_PATH_SEPARATOR_S + "devicemap").c_str(),"w");
+	if (devmapf) {
+		gdmEntry = globalDeviceMap.begin();
+		while (gdmEntry != globalDeviceMap.end()) {
+			fprintf(devmapf,"%s=%s\n",gdmEntry->first.c_str(),gdmEntry->second.c_str());
+			++gdmEntry;
+		}
+		fclose(devmapf);
+	}
+
+	_thread = Thread::start(this);
+}
+
+MacKextEthernetTap::~MacKextEthernetTap()
+{
+	::write(_shutdownSignalPipe[1],"\0",1); // causes thread to exit
+	Thread::join(_thread);
+
+	::close(_fd);
+	::close(_shutdownSignalPipe[0]);
+	::close(_shutdownSignalPipe[1]);
+
+	{
+		Mutex::Lock _gl(globalTapCreateLock);
+		if (--globalTapsRunning <= 0) {
+			globalTapsRunning = 0; // sanity check -- should not be possible
+
+			char tmp[16384];
+			sprintf(tmp,"%s/%s",_homePath.c_str(),"tap.kext");
+			long kextpid = (long)vfork();
+			if (kextpid == 0) {
+				OSUtils::redirectUnixOutputs("/dev/null",(const char *)0);
+				::execl("/sbin/kextunload","/sbin/kextunload",tmp,(const char *)0);
+				::_exit(-1);
+			} else if (kextpid > 0) {
+				int exitcode = -1;
+				::waitpid(kextpid,&exitcode,0);
+			}
+		}
+	}
+}
+
+void MacKextEthernetTap::setEnabled(bool en)
+{
+	_enabled = en;
+	// TODO: interface status change
+}
+
+bool MacKextEthernetTap::enabled() const
+{
+	return _enabled;
+}
+
+bool MacKextEthernetTap::addIp(const InetAddress &ip)
+{
+	if (!ip)
+		return false;
+
+	long cpid = (long)vfork();
+	if (cpid == 0) {
+		char tmp[128];
+		::execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),(ip.ss_family == AF_INET6) ? "inet6" : "inet",ip.toString(tmp),"alias",(const char *)0);
+		::_exit(-1);
+	} else if (cpid > 0) {
+		int exitcode = -1;
+		::waitpid(cpid,&exitcode,0);
+		return (exitcode == 0);
+	} // else return false...
+
+	return false;
+}
+
+bool MacKextEthernetTap::removeIp(const InetAddress &ip)
+{
+	if (!ip)
+		return true;
+	std::vector<InetAddress> allIps(ips());
+	for(std::vector<InetAddress>::iterator i(allIps.begin());i!=allIps.end();++i) {
+		if (*i == ip) {
+			long cpid = (long)vfork();
+			if (cpid == 0) {
+				char tmp[128];
+				execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),(ip.ss_family == AF_INET6) ? "inet6" : "inet",ip.toIpString(tmp),"-alias",(const char *)0);
+				_exit(-1);
+			} else if (cpid > 0) {
+				int exitcode = -1;
+				waitpid(cpid,&exitcode,0);
+				return (exitcode == 0);
+			}
+		}
+	}
+	return false;
+}
+
+std::vector<InetAddress> MacKextEthernetTap::ips() const
+{
+	struct ifaddrs *ifa = (struct ifaddrs *)0;
+	if (getifaddrs(&ifa))
+		return std::vector<InetAddress>();
+
+	std::vector<InetAddress> r;
+
+	struct ifaddrs *p = ifa;
+	while (p) {
+		if ((!strcmp(p->ifa_name,_dev.c_str()))&&(p->ifa_addr)&&(p->ifa_netmask)&&(p->ifa_addr->sa_family == p->ifa_netmask->sa_family)) {
+			switch(p->ifa_addr->sa_family) {
+				case AF_INET: {
+					struct sockaddr_in *sin = (struct sockaddr_in *)p->ifa_addr;
+					struct sockaddr_in *nm = (struct sockaddr_in *)p->ifa_netmask;
+					r.push_back(InetAddress(&(sin->sin_addr.s_addr),4,Utils::countBits((uint32_t)nm->sin_addr.s_addr)));
+				}	break;
+				case AF_INET6: {
+					struct sockaddr_in6 *sin = (struct sockaddr_in6 *)p->ifa_addr;
+					struct sockaddr_in6 *nm = (struct sockaddr_in6 *)p->ifa_netmask;
+					uint32_t b[4];
+					memcpy(b,nm->sin6_addr.s6_addr,sizeof(b));
+					r.push_back(InetAddress(sin->sin6_addr.s6_addr,16,Utils::countBits(b[0]) + Utils::countBits(b[1]) + Utils::countBits(b[2]) + Utils::countBits(b[3])));
+				}	break;
+			}
+		}
+		p = p->ifa_next;
+	}
+
+	if (ifa)
+		freeifaddrs(ifa);
+
+	std::sort(r.begin(),r.end());
+	r.erase(std::unique(r.begin(),r.end()),r.end());
+
+	return r;
+}
+
+void MacKextEthernetTap::put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len)
+{
+	char putBuf[ZT_MAX_MTU + 64];
+	if ((_fd > 0)&&(len <= _mtu)&&(_enabled)) {
+		to.copyTo(putBuf,6);
+		from.copyTo(putBuf + 6,6);
+		*((uint16_t *)(putBuf + 12)) = htons((uint16_t)etherType);
+		memcpy(putBuf + 14,data,len);
+		len += 14;
+		::write(_fd,putBuf,len);
+	}
+}
+
+std::string MacKextEthernetTap::deviceName() const
+{
+	return _dev;
+}
+
+void MacKextEthernetTap::setFriendlyName(const char *friendlyName)
+{
+}
+
+void MacKextEthernetTap::scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed)
+{
+	std::vector<MulticastGroup> newGroups;
+
+	struct _intl_ifmaddrs *ifmap = (struct _intl_ifmaddrs *)0;
+	if (!_intl_getifmaddrs(&ifmap)) {
+		struct _intl_ifmaddrs *p = ifmap;
+		while (p) {
+			if (p->ifma_addr->sa_family == AF_LINK) {
+				struct sockaddr_dl *in = (struct sockaddr_dl *)p->ifma_name;
+				struct sockaddr_dl *la = (struct sockaddr_dl *)p->ifma_addr;
+				if ((la->sdl_alen == 6)&&(in->sdl_nlen <= _dev.length())&&(!memcmp(_dev.data(),in->sdl_data,in->sdl_nlen)))
+					newGroups.push_back(MulticastGroup(MAC(la->sdl_data + la->sdl_nlen,6),0));
+			}
+			p = p->ifma_next;
+		}
+		_intl_freeifmaddrs(ifmap);
+	}
+
+	std::vector<InetAddress> allIps(ips());
+	for(std::vector<InetAddress>::iterator ip(allIps.begin());ip!=allIps.end();++ip)
+		newGroups.push_back(MulticastGroup::deriveMulticastGroupForAddressResolution(*ip));
+
+	std::sort(newGroups.begin(),newGroups.end());
+	std::unique(newGroups.begin(),newGroups.end());
+
+	for(std::vector<MulticastGroup>::iterator m(newGroups.begin());m!=newGroups.end();++m) {
+		if (!std::binary_search(_multicastGroups.begin(),_multicastGroups.end(),*m))
+			added.push_back(*m);
+	}
+	for(std::vector<MulticastGroup>::iterator m(_multicastGroups.begin());m!=_multicastGroups.end();++m) {
+		if (!std::binary_search(newGroups.begin(),newGroups.end(),*m))
+			removed.push_back(*m);
+	}
+
+	_multicastGroups.swap(newGroups);
+}
+
+void MacKextEthernetTap::setMtu(unsigned int mtu)
+{
+	if (mtu != _mtu) {
+		_mtu = mtu;
+		long cpid = (long)vfork();
+		if (cpid == 0) {
+			char tmp[64];
+			OSUtils::ztsnprintf(tmp,sizeof(tmp),"%u",mtu);
+			execl("/sbin/ifconfig","/sbin/ifconfig",_dev.c_str(),"mtu",tmp,(const char *)0);
+			_exit(-1);
+		} else if (cpid > 0) {
+			int exitcode = -1;
+			waitpid(cpid,&exitcode,0);
+		}
+	}
+}
+
+void MacKextEthernetTap::threadMain()
+	throw()
+{
+	fd_set readfds,nullfds;
+	MAC to,from;
+	int n,nfds,r;
+	char getBuf[ZT_MAX_MTU + 64];
+
+	Thread::sleep(500);
+
+	FD_ZERO(&readfds);
+	FD_ZERO(&nullfds);
+	nfds = (int)std::max(_shutdownSignalPipe[0],_fd) + 1;
+
+	r = 0;
+	for(;;) {
+		FD_SET(_shutdownSignalPipe[0],&readfds);
+		FD_SET(_fd,&readfds);
+		select(nfds,&readfds,&nullfds,&nullfds,(struct timeval *)0);
+
+		if (FD_ISSET(_shutdownSignalPipe[0],&readfds)) // writes to shutdown pipe terminate thread
+			break;
+
+		if (FD_ISSET(_fd,&readfds)) {
+			n = (int)::read(_fd,getBuf + r,sizeof(getBuf) - r);
+			if (n < 0) {
+				if ((errno != EINTR)&&(errno != ETIMEDOUT))
+					break;
+			} else {
+				// Some tap drivers like to send the ethernet frame and the
+				// payload in two chunks, so handle that by accumulating
+				// data until we have at least a frame.
+				r += n;
+				if (r > 14) {
+					if (r > ((int)_mtu + 14)) // sanity check for weird TAP behavior on some platforms
+						r = _mtu + 14;
+
+					if (_enabled) {
+						to.setTo(getBuf,6);
+						from.setTo(getBuf + 6,6);
+						unsigned int etherType = ntohs(((const uint16_t *)getBuf)[6]);
+						// TODO: VLAN support
+						_handler(_arg,(void *)0,_nwid,from,to,etherType,0,(const void *)(getBuf + 14),r - 14);
+					}
+
+					r = 0;
+				}
+			}
+		}
+	}
+}
+
+} // namespace ZeroTier
diff --git a/osdep/MacKextEthernetTap.hpp b/osdep/MacKextEthernetTap.hpp
new file mode 100644
index 000000000..fbf2694b2
--- /dev/null
+++ b/osdep/MacKextEthernetTap.hpp
@@ -0,0 +1,93 @@
+/*
+ * ZeroTier One - Network Virtualization Everywhere
+ * Copyright (C) 2011-2018  ZeroTier, Inc.  https://www.zerotier.com/
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * You can be released from the requirements of the license by purchasing
+ * a commercial license. Buying such a license is mandatory as soon as you
+ * develop commercial closed-source software that incorporates or links
+ * directly against ZeroTier software without disclosing the source code
+ * of your own application.
+ */
+
+#ifndef ZT_MacKextEthernetTap_HPP
+#define ZT_MacKextEthernetTap_HPP
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <stdexcept>
+#include <string>
+#include <vector>
+
+#include "../node/Constants.hpp"
+#include "../node/MAC.hpp"
+#include "../node/InetAddress.hpp"
+#include "../node/MulticastGroup.hpp"
+
+#include "Thread.hpp"
+#include "EthernetTap.hpp"
+
+namespace ZeroTier {
+
+class MacKextEthernetTap : public EthernetTap
+{
+public:
+	MacKextEthernetTap(
+		const char *homePath,
+		const MAC &mac,
+		unsigned int mtu,
+		unsigned int metric,
+		uint64_t nwid,
+		const char *friendlyName,
+		void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
+		void *arg);
+
+	virtual ~MacKextEthernetTap();
+
+	virtual void setEnabled(bool en);
+	virtual bool enabled() const;
+	virtual bool addIp(const InetAddress &ip);
+	virtual bool removeIp(const InetAddress &ip);
+	virtual std::vector<InetAddress> ips() const;
+	virtual void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
+	virtual std::string deviceName() const;
+	virtual void setFriendlyName(const char *friendlyName);
+	virtual void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
+	virtual void setMtu(unsigned int mtu);
+
+	void threadMain()
+		throw();
+
+private:
+	void (*_handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int);
+	void *_arg;
+	uint64_t _nwid;
+	Thread _thread;
+	std::string _homePath;
+	std::string _dev;
+	std::vector<MulticastGroup> _multicastGroups;
+	unsigned int _mtu;
+	unsigned int _metric;
+	int _fd;
+	int _shutdownSignalPipe[2];
+	volatile bool _enabled;
+};
+
+} // namespace ZeroTier
+
+#endif
diff --git a/osdep/NetBSDEthernetTap.hpp b/osdep/NetBSDEthernetTap.hpp
index 32b6dfa61..a174816e7 100644
--- a/osdep/NetBSDEthernetTap.hpp
+++ b/osdep/NetBSDEthernetTap.hpp
@@ -38,10 +38,11 @@
 #include "../node/MulticastGroup.hpp"
 #include "../node/MAC.hpp"
 #include "Thread.hpp"
+#include "EthernetTap.hpp"
 
 namespace ZeroTier {
 
-class NetBSDEthernetTap
+class NetBSDEthernetTap : public EthernetTap
 {
 public:
 	NetBSDEthernetTap(
@@ -54,17 +55,17 @@ public:
 		void (*handler)(void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
 		void *arg);
 
-	~NetBSDEthernetTap();
+	virtual ~NetBSDEthernetTap();
 
-	void setEnabled(bool en);
-	bool enabled() const;
-	bool addIp(const InetAddress &ip);
-	bool removeIp(const InetAddress &ip);
-	std::vector<InetAddress> ips() const;
-	void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
-	std::string deviceName() const;
-	void setFriendlyName(const char *friendlyName);
-	void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
+	virtual void setEnabled(bool en);
+	virtual bool enabled() const;
+	virtual bool addIp(const InetAddress &ip);
+	virtual bool removeIp(const InetAddress &ip);
+	virtual std::vector<InetAddress> ips() const;
+	virtual void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
+	virtual std::string deviceName() const;
+	virtual void setFriendlyName(const char *friendlyName);
+	virtual void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
 
 	void threadMain()
 		throw();
diff --git a/osdep/TestEthernetTap.hpp b/osdep/TestEthernetTap.hpp
deleted file mode 100644
index 6b44d48e8..000000000
--- a/osdep/TestEthernetTap.hpp
+++ /dev/null
@@ -1,161 +0,0 @@
-/*
- * ZeroTier One - Network Virtualization Everywhere
- * Copyright (C) 2011-2019  ZeroTier, Inc.  https://www.zerotier.com/
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * --
- *
- * You can be released from the requirements of the license by purchasing
- * a commercial license. Buying such a license is mandatory as soon as you
- * develop commercial closed-source software that incorporates or links
- * directly against ZeroTier software without disclosing the source code
- * of your own application.
- */
-
-#ifndef ZT_TESTETHERNETTAP_HPP
-#define ZT_TESTETHERNETTAP_HPP
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <stdint.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-
-#include <string>
-#include <vector>
-#include <stdexcept>
-#include <set>
-
-#include "../node/Constants.hpp"
-#include "../node/InetAddress.hpp"
-#include "../node/MulticastGroup.hpp"
-#include "../node/Mutex.hpp"
-#include "../node/Utils.hpp"
-#include "../osdep/OSUtils.hpp"
-
-namespace ZeroTier {
-
-/**
- * Dummy test Ethernet tap that does not actually open a device on the system
- */
-class TestEthernetTap
-{
-public:
-	TestEthernetTap(
-		const char *homePath,
-		const MAC &mac,
-		unsigned int mtu,
-		unsigned int metric,
-		uint64_t nwid,
-		const char *friendlyName,
-		void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
-		void *arg) :
-		_nwid(nwid),
-		_dev("zt_test_"),
-		_enabled(true)
-	{
-		char tmp[32];
-		OSUtils::ztsnprintf(tmp,sizeof(tmp),"%.16llx",(unsigned long long)_nwid);
-		_dev.append(tmp);
-#ifdef ZT_TEST_TAP_REPORT_TO
-		_reportTo.fromString(ZT_TEST_TAP_REPORT_TO);
-		if (_reportTo.ss_family == AF_INET)
-			_reportsock = socket(AF_INET,SOCK_DGRAM,0);
-		else if (_reportTo.ss_family == AF_INET6)
-			_reportsock = socket(AF_INET6,SOCK_DGRAM,0);
-		else _reportsock = -1;
-#endif
-	}
-
-	~TestEthernetTap()
-	{
-#ifdef ZT_TEST_TAP_REPORT_TO
-		if (_reportsock >= 0)
-			close(_reportsock);
-#endif
-	}
-
-	inline void setEnabled(bool en) { _enabled = en; }
-	inline bool enabled() const { return _enabled; }
-
-	inline bool addIp(const InetAddress &ip)
-	{
-		Mutex::Lock _l(_lock);
-		_ips.insert(ip);
-		return true;
-	}
-
-	inline bool removeIp(const InetAddress &ip)
-	{
-		Mutex::Lock _l(_lock);
-		_ips.erase(ip);
-		return true;
-	}
-
-	inline std::vector<InetAddress> ips() const
-	{
-		Mutex::Lock _l(_lock);
-		return std::vector<InetAddress>(_ips.begin(),_ips.end());
-	}
-
-	inline void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len)
-	{
-#ifdef ZT_TEST_TAP_REPORT_TO
-		char tmp[10000];
-		if ((_reportsock >= 0)&&(len < (sizeof(tmp) - 22))) {
-			const uint64_t nwid2 = Utils::hton(_nwid);
-			memcpy(tmp,&nwid2,8);
-			from.copyTo(tmp + 8,6);
-			to.copyTo(tmp + 14,6);
-			const uint16_t etherType2 = Utils::hton((uint16_t)etherType);
-			memcpy(tmp + 20,&etherType2,2);
-			memcpy(tmp + 22,data,len);
-			sendto(_reportsock,tmp,len + 22,0,reinterpret_cast<const struct sockaddr *>(&_reportTo),(_reportTo.ss_family == AF_INET) ? sizeof(struct sockaddr_in) : sizeof(struct sockaddr_in6));
-		}
-#endif
-	}
-
-	inline std::string deviceName() const
-	{
-		return _dev;
-	}
-
-	inline void setFriendlyName(const char *friendlyName)
-	{
-	}
-
-	inline void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed)
-	{
-	}
-
-	inline void setMtu(unsigned int mtu)
-	{
-	}
-
-private:
-	uint64_t _nwid;
-	std::string _dev;
-	std::set<InetAddress> _ips;
-	InetAddress _reportTo;
-#ifdef ZT_TEST_TAP_REPORT_TO
-	int _reportsock;
-#endif
-	bool _enabled;
-	Mutex _lock;
-};
-
-} // namespace ZeroTier
-
-#endif
diff --git a/osdep/WindowsEthernetTap.hpp b/osdep/WindowsEthernetTap.hpp
index 78a956728..7a8638759 100644
--- a/osdep/WindowsEthernetTap.hpp
+++ b/osdep/WindowsEthernetTap.hpp
@@ -41,10 +41,11 @@
 #include "../node/MulticastGroup.hpp"
 #include "../node/InetAddress.hpp"
 #include "../osdep/Thread.hpp"
+#include "EthernetTap.hpp"
 
 namespace ZeroTier {
 
-class WindowsEthernetTap
+class WindowsEthernetTap : public EthernetTap
 {
 public:
 	/**
@@ -97,18 +98,18 @@ public:
 		void (*handler)(void *,void *,uint64_t,const MAC &,const MAC &,unsigned int,unsigned int,const void *,unsigned int),
 		void *arg);
 
-	~WindowsEthernetTap();
+	virtual ~WindowsEthernetTap();
 
-	void setEnabled(bool en);
-	bool enabled() const;
-	bool addIp(const InetAddress &ip);
-	bool removeIp(const InetAddress &ip);
-	std::vector<InetAddress> ips() const;
-	void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
-	std::string deviceName() const;
-	void setFriendlyName(const char *friendlyName);
-	void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
-	void setMtu(unsigned int mtu);
+	virtual void setEnabled(bool en);
+	virtual bool enabled() const;
+	virtual bool addIp(const InetAddress &ip);
+	virtual bool removeIp(const InetAddress &ip);
+	virtual std::vector<InetAddress> ips() const;
+	virtual void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len);
+	virtual std::string deviceName() const;
+	virtual void setFriendlyName(const char *friendlyName);
+	virtual void scanMulticastGroups(std::vector<MulticastGroup> &added,std::vector<MulticastGroup> &removed);
+	virtual void setMtu(unsigned int mtu);
 
 	inline const NET_LUID &luid() const { return _deviceLuid; }
 	inline const GUID &guid() const { return _deviceGuid; }
@@ -118,7 +119,7 @@ public:
 	void threadMain()
 		throw();
 
-    bool isInitialized() const { return _initialized; };
+	bool isInitialized() const { return _initialized; };
 
 private:
 	NET_IFINDEX _getDeviceIndex(); // throws on failure