Am 27.08.21 um 21:00 schrieb Antonio Quartulli: > OpenVPN shipped a small packet filtering tool called PF. It has never > been straightforward as it required a plugin to work. On top of that, > keeping PF support, makes the code more complicated and increases the > maintenance cost of OpenVPN. > > PF itself is not actually maintained at all and there is little > motivation in keeping it alive. > > Some years ago an IPv6 extension for PF was proposed, but it was never > picked up for the reasons above. > > External (and more appropriate) tools can still be used to implement > packet filtering on the OpenVPN interface. > > Drop PF support for good. > > Note that IDs used for external communication (i.e. to the plugin > or management interface) have been commented out, but not removed, as > they should not be used in the future. > > v2: > * changed // to /* */ > * changed "NOT IMPLEMENTED" to "REMOVED FEATURE" > * removed extra empty lines after removing ifdef blocks > * clarified on IRC that tls_final has to be removed and therefore that > hunk is correct > * removed mi_prefix() function as it is now unused > > Cc: Arne Schwabe <a...@rfc2549.org> > Signed-off-by: Antonio Quartulli <a...@unstable.cc>
Acked-By: Arne Schwabe <a...@rfc2549.org> _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
