| config BR2_PACKAGE_IPSEC_TOOLS |
| bool "ipsec-tools" |
| select BR2_PACKAGE_OPENSSL |
| select BR2_PACKAGE_FLEX |
| select BR2_PACKAGE_FLEX_LIBFL |
| help |
| This package is required to support IPSec for Linux 2.6+ |
| |
| if BR2_PACKAGE_IPSEC_TOOLS |
| |
| config BR2_PACKAGE_IPSEC_TOOLS_ADMINPORT |
| default y |
| bool "Enable racoonctl(8)" |
| help |
| Lets racoon to listen to racoon admin port, which is to |
| be contacted by racoonctl(8). |
| |
| config BR2_PACKAGE_IPSEC_TOOLS_NATT |
| bool "Enable NAT-Traversal" |
| help |
| This needs kernel support, which is available on Linux. On |
| NetBSD, NAT-Traversal kernel support has not been integrated |
| yet, you can get it from here: |
| |
| http://ipsec-tools.sourceforge.net/netbsd_nat-t.diff If you |
| |
| live in a country where software patents are legal, using |
| NAT-Traversal might infringe a patent. |
| |
| config BR2_PACKAGE_IPSEC_TOOLS_FRAG |
| bool "Enable IKE fragmentation" |
| help |
| Enable IKE fragmentation, which is a workaround for |
| broken routers that drop fragmented packets |
| |
| config BR2_PACKAGE_IPSEC_TOOLS_DPD |
| bool "Enable DPD (Dead Peer Detection)" |
| help |
| Enable dead peer detection support |
| |
| config BR2_PACKAGE_IPSEC_TOOLS_STATS |
| default y |
| bool "Enable statistics logging function" |
| |
| config BR2_PACKAGE_IPSEC_TOOLS_READLINE |
| select BR2_PACKAGE_READLINE |
| bool "Enable readline input support" |
| |
| choice |
| prompt "Security context" |
| default BR2_PACKAGE_IPSEC_SECCTX_DISABLE |
| help |
| Selects whether or not to enable security context support. |
| |
| config BR2_PACKAGE_IPSEC_SECCTX_DISABLE |
| bool "Disable security context support" |
| |
| config BR2_PACKAGE_IPSEC_SECCTX_ENABLE |
| bool "Enable SELinux security context support" |
| |
| config BR2_PACKAGE_IPSEC_SECCTX_KERNEL |
| bool "Enable kernel security context" |
| |
| endchoice |
| |
| endif |
