9849366388
Add config option for enabling hybrid mode. Hybrid mode is required for successful interoperability. Signed-off-by: Doug Kehn <rdkehn@yahoo.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
75 lines
1.9 KiB
Plaintext
75 lines
1.9 KiB
Plaintext
config BR2_PACKAGE_IPSEC_TOOLS
|
|
bool "ipsec-tools"
|
|
select BR2_PACKAGE_OPENSSL
|
|
select BR2_PACKAGE_FLEX
|
|
depends on BR2_USE_MMU # fork()
|
|
help
|
|
This package is required to support IPSec for Linux 2.6+
|
|
|
|
http://ipsec-tools.sourceforge.net/
|
|
|
|
if BR2_PACKAGE_IPSEC_TOOLS
|
|
|
|
config BR2_PACKAGE_IPSEC_TOOLS_ADMINPORT
|
|
default y
|
|
bool "Enable racoonctl(8)"
|
|
help
|
|
Lets racoon to listen to racoon admin port, which is to
|
|
be contacted by racoonctl(8).
|
|
|
|
config BR2_PACKAGE_IPSEC_TOOLS_NATT
|
|
bool "Enable NAT-Traversal"
|
|
help
|
|
This needs kernel support, which is available on Linux. On
|
|
NetBSD, NAT-Traversal kernel support has not been integrated
|
|
yet, you can get it from here:
|
|
|
|
http://ipsec-tools.sourceforge.net/netbsd_nat-t.diff If you
|
|
|
|
live in a country where software patents are legal, using
|
|
NAT-Traversal might infringe a patent.
|
|
|
|
config BR2_PACKAGE_IPSEC_TOOLS_FRAG
|
|
bool "Enable IKE fragmentation"
|
|
help
|
|
Enable IKE fragmentation, which is a workaround for
|
|
broken routers that drop fragmented packets
|
|
|
|
config BR2_PACKAGE_IPSEC_TOOLS_DPD
|
|
bool "Enable DPD (Dead Peer Detection)"
|
|
help
|
|
Enable dead peer detection support
|
|
|
|
config BR2_PACKAGE_IPSEC_TOOLS_STATS
|
|
default y
|
|
bool "Enable statistics logging function"
|
|
|
|
config BR2_PACKAGE_IPSEC_TOOLS_READLINE
|
|
select BR2_PACKAGE_READLINE
|
|
bool "Enable readline input support"
|
|
|
|
config BR2_PACKAGE_IPSEC_TOOLS_HYBRID
|
|
bool "Enable hybrid, both mode-cfg and xauth support"
|
|
help
|
|
Hybrid mode is required for successful interoperability
|
|
(e.g. Cisco VPN Client).
|
|
|
|
choice
|
|
prompt "Security context"
|
|
default BR2_PACKAGE_IPSEC_SECCTX_DISABLE
|
|
help
|
|
Selects whether or not to enable security context support.
|
|
|
|
config BR2_PACKAGE_IPSEC_SECCTX_DISABLE
|
|
bool "Disable security context support"
|
|
|
|
config BR2_PACKAGE_IPSEC_SECCTX_ENABLE
|
|
bool "Enable SELinux security context support"
|
|
|
|
config BR2_PACKAGE_IPSEC_SECCTX_KERNEL
|
|
bool "Enable kernel security context"
|
|
|
|
endchoice
|
|
|
|
endif
|