2006-01-23 22:43:28 +01:00
|
|
|
config BR2_PACKAGE_IPSEC_TOOLS
|
|
|
|
bool "ipsec-tools"
|
2016-05-28 14:47:29 +02:00
|
|
|
depends on BR2_USE_MMU # fork()
|
|
|
|
depends on !BR2_TOOLCHAIN_USES_MUSL # Use __P() macro all over the tree
|
2009-03-02 20:56:13 +01:00
|
|
|
select BR2_PACKAGE_OPENSSL
|
|
|
|
select BR2_PACKAGE_FLEX
|
2006-01-23 22:43:28 +01:00
|
|
|
help
|
|
|
|
This package is required to support IPSec for Linux 2.6+
|
|
|
|
|
2014-03-10 21:26:26 +01:00
|
|
|
http://ipsec-tools.sourceforge.net/
|
|
|
|
|
2010-06-13 14:24:48 +02:00
|
|
|
if BR2_PACKAGE_IPSEC_TOOLS
|
|
|
|
|
2006-01-23 22:43:28 +01:00
|
|
|
config BR2_PACKAGE_IPSEC_TOOLS_ADMINPORT
|
2012-02-10 13:58:19 +01:00
|
|
|
bool "Enable racoonctl(8)"
|
2017-04-22 19:17:55 +02:00
|
|
|
default y
|
2006-01-23 22:43:28 +01:00
|
|
|
help
|
2009-06-22 13:21:38 +02:00
|
|
|
Lets racoon to listen to racoon admin port, which is to
|
|
|
|
be contacted by racoonctl(8).
|
2006-01-23 22:43:28 +01:00
|
|
|
|
|
|
|
config BR2_PACKAGE_IPSEC_TOOLS_NATT
|
|
|
|
bool "Enable NAT-Traversal"
|
|
|
|
help
|
2009-06-22 13:21:38 +02:00
|
|
|
This needs kernel support, which is available on Linux. On
|
|
|
|
NetBSD, NAT-Traversal kernel support has not been integrated
|
|
|
|
yet, you can get it from here:
|
2006-01-23 22:43:28 +01:00
|
|
|
|
2009-06-22 13:21:38 +02:00
|
|
|
http://ipsec-tools.sourceforge.net/netbsd_nat-t.diff If you
|
2006-01-23 22:43:28 +01:00
|
|
|
|
2009-06-22 13:21:38 +02:00
|
|
|
live in a country where software patents are legal, using
|
|
|
|
NAT-Traversal might infringe a patent.
|
2006-01-23 22:43:28 +01:00
|
|
|
|
|
|
|
config BR2_PACKAGE_IPSEC_TOOLS_FRAG
|
2012-02-10 13:58:19 +01:00
|
|
|
bool "Enable IKE fragmentation"
|
2006-01-23 22:43:28 +01:00
|
|
|
help
|
2009-06-22 13:21:38 +02:00
|
|
|
Enable IKE fragmentation, which is a workaround for
|
|
|
|
broken routers that drop fragmented packets
|
2006-01-23 22:43:28 +01:00
|
|
|
|
2012-02-10 13:57:27 +01:00
|
|
|
config BR2_PACKAGE_IPSEC_TOOLS_DPD
|
|
|
|
bool "Enable DPD (Dead Peer Detection)"
|
|
|
|
help
|
|
|
|
Enable dead peer detection support
|
|
|
|
|
2006-01-23 22:43:28 +01:00
|
|
|
config BR2_PACKAGE_IPSEC_TOOLS_STATS
|
2012-02-10 13:58:19 +01:00
|
|
|
bool "Enable statistics logging function"
|
2017-04-22 19:17:55 +02:00
|
|
|
default y
|
2006-01-23 22:43:28 +01:00
|
|
|
|
|
|
|
config BR2_PACKAGE_IPSEC_TOOLS_READLINE
|
2012-02-10 13:58:19 +01:00
|
|
|
bool "Enable readline input support"
|
2017-04-22 19:17:55 +02:00
|
|
|
select BR2_PACKAGE_READLINE
|
2006-01-23 22:43:28 +01:00
|
|
|
|
2015-02-01 06:26:52 +01:00
|
|
|
config BR2_PACKAGE_IPSEC_TOOLS_HYBRID
|
|
|
|
bool "Enable hybrid, both mode-cfg and xauth support"
|
|
|
|
help
|
|
|
|
Hybrid mode is required for successful interoperability
|
|
|
|
(e.g. Cisco VPN Client).
|
|
|
|
|
2009-06-22 13:21:38 +02:00
|
|
|
choice
|
|
|
|
prompt "Security context"
|
|
|
|
default BR2_PACKAGE_IPSEC_SECCTX_DISABLE
|
|
|
|
help
|
|
|
|
Selects whether or not to enable security context support.
|
|
|
|
|
|
|
|
config BR2_PACKAGE_IPSEC_SECCTX_DISABLE
|
|
|
|
bool "Disable security context support"
|
|
|
|
|
|
|
|
config BR2_PACKAGE_IPSEC_SECCTX_ENABLE
|
|
|
|
bool "Enable SELinux security context support"
|
|
|
|
|
|
|
|
config BR2_PACKAGE_IPSEC_SECCTX_KERNEL
|
|
|
|
bool "Enable kernel security context"
|
|
|
|
|
|
|
|
endchoice
|
2009-08-04 17:16:03 +02:00
|
|
|
|
|
|
|
endif
|