config BR2_PACKAGE_IPSEC_TOOLS bool "ipsec-tools" depends on BR2_USE_MMU # fork() depends on !BR2_TOOLCHAIN_USES_MUSL # Use __P() macro all over the tree select BR2_PACKAGE_OPENSSL select BR2_PACKAGE_FLEX help This package is required to support IPSec for Linux 2.6+ http://ipsec-tools.sourceforge.net/ if BR2_PACKAGE_IPSEC_TOOLS config BR2_PACKAGE_IPSEC_TOOLS_ADMINPORT default y bool "Enable racoonctl(8)" help Lets racoon to listen to racoon admin port, which is to be contacted by racoonctl(8). config BR2_PACKAGE_IPSEC_TOOLS_NATT bool "Enable NAT-Traversal" help This needs kernel support, which is available on Linux. On NetBSD, NAT-Traversal kernel support has not been integrated yet, you can get it from here: http://ipsec-tools.sourceforge.net/netbsd_nat-t.diff If you live in a country where software patents are legal, using NAT-Traversal might infringe a patent. config BR2_PACKAGE_IPSEC_TOOLS_FRAG bool "Enable IKE fragmentation" help Enable IKE fragmentation, which is a workaround for broken routers that drop fragmented packets config BR2_PACKAGE_IPSEC_TOOLS_DPD bool "Enable DPD (Dead Peer Detection)" help Enable dead peer detection support config BR2_PACKAGE_IPSEC_TOOLS_STATS default y bool "Enable statistics logging function" config BR2_PACKAGE_IPSEC_TOOLS_READLINE select BR2_PACKAGE_READLINE bool "Enable readline input support" config BR2_PACKAGE_IPSEC_TOOLS_HYBRID bool "Enable hybrid, both mode-cfg and xauth support" help Hybrid mode is required for successful interoperability (e.g. Cisco VPN Client). choice prompt "Security context" default BR2_PACKAGE_IPSEC_SECCTX_DISABLE help Selects whether or not to enable security context support. config BR2_PACKAGE_IPSEC_SECCTX_DISABLE bool "Disable security context support" config BR2_PACKAGE_IPSEC_SECCTX_ENABLE bool "Enable SELinux security context support" config BR2_PACKAGE_IPSEC_SECCTX_KERNEL bool "Enable kernel security context" endchoice endif