40:["$","div",null,{"className":"px-4","children":[["$","h2",null,{"className":"mb-4 text-sm font-medium text-balance text-muted-foreground tabular-nums","children":[0," comments"]}],["$","$L42",null,{"comments":[{"item":{"id":26480747,"type":"comment","by":"tgragnato","time":1615918805,"title":"$undefined","url":"$undefined","text":"Tunnelblick uses OpenVPN under the hood, which means it's using a TUN/TAP virtual NIC.

LeoPantera is referring to the new way of creating VPNs in macOS and iOS, the Network Extension framework.\nYou need an entitlement to develop with that framework, and sideloading is not possible.

https://developer.apple.com/documentation/networkextension

https://developer.apple.com/documentation/bundleresources/en...

I have no idea if Apple is committed to support tun/tap in the future, but I doubt.","score":"$undefined","descendants":"$undefined","kids":[26481960,26481944],"parent":26480209,"dead":"$undefined","deleted":"$undefined"},"children":[{"item":{"id":26481960,"type":"comment","by":"JonathonW","time":1615924255,"title":"$undefined","url":"$undefined","text":"After Big Sur deprecated network kexts, I switched over to Viscosity-- which is another OpenVPN client, and supports both tun and tap VPNs without an extension (using only built-in macOS capabilities).

It does not require the Network Extension framework, is not App Store distributed, and does not have any entitlements. (It is Developer ID signed and notarized, but that's just for user convenience; it'd work just fine unsigned if the user wanted to click through macOS's warnings to get there.)","score":"$undefined","descendants":"$undefined","kids":"$undefined","parent":26480747,"dead":"$undefined","deleted":"$undefined"},"children":[]},{"item":{"id":26481944,"type":"comment","by":"alerighi","time":1615924192,"title":"$undefined","url":"$undefined","text":"Well the Wireguard app exists both for macOS and iOS so I guess is not that big deal to support VPN on these systems.

Also services like this one to circumvent the Apple policy couldn't just give you a Wireguard configuration file and say to you "just install the Wireguard app and import the config"? It would work and of course Apple couldn't do anything (beside removing the whole Wireguard app from the store).","score":"$undefined","descendants":"$undefined","kids":[26482588],"parent":26480747,"dead":"$undefined","deleted":"$undefined"},"children":[{"item":{"id":26482588,"type":"comment","by":"tgragnato","time":1615927094,"title":"$undefined","url":"$undefined","text":"That’s what I do too.

Not having entitlements or not being able to sideload is more of an issue while trying to tweak or patch an existing code base.

E.g.: contributing to WireGuard or iCepa, ...","score":"$undefined","descendants":"$undefined","kids":"$undefined","parent":26481944,"dead":"$undefined","deleted":"$undefined"},"children":[]}]}]}],"op":"nucleardog"}]]}]

0 comments

0 comments