config BR2_PACKAGE_IPSEC_TOOLS bool "ipsec-tools" select BR2_PACKAGE_OPENSSL select BR2_PACKAGE_FLEX select BR2_PACKAGE_FLEX_LIBFL help This package is required to support IPSec for Linux 2.6+ if BR2_PACKAGE_IPSEC_TOOLS config BR2_PACKAGE_IPSEC_TOOLS_ADMINPORT default y bool "Enable racoonctl(8)." help Lets racoon to listen to racoon admin port, which is to be contacted by racoonctl(8). config BR2_PACKAGE_IPSEC_TOOLS_NATT bool "Enable NAT-Traversal" help This needs kernel support, which is available on Linux. On NetBSD, NAT-Traversal kernel support has not been integrated yet, you can get it from here: http://ipsec-tools.sourceforge.net/netbsd_nat-t.diff If you live in a country where software patents are legal, using NAT-Traversal might infringe a patent. config BR2_PACKAGE_IPSEC_TOOLS_FRAG bool "Enable IKE fragmentation." help Enable IKE fragmentation, which is a workaround for broken routers that drop fragmented packets config BR2_PACKAGE_IPSEC_TOOLS_DPD bool "Enable DPD (Dead Peer Detection)" help Enable dead peer detection support config BR2_PACKAGE_IPSEC_TOOLS_STATS default y bool "Enable statistics logging function." config BR2_PACKAGE_IPSEC_TOOLS_READLINE select BR2_PACKAGE_READLINE bool "Enable readline input support if available." choice prompt "Security context" default BR2_PACKAGE_IPSEC_SECCTX_DISABLE help Selects whether or not to enable security context support. config BR2_PACKAGE_IPSEC_SECCTX_DISABLE bool "Disable security context support" config BR2_PACKAGE_IPSEC_SECCTX_ENABLE bool "Enable SELinux security context support" config BR2_PACKAGE_IPSEC_SECCTX_KERNEL bool "Enable kernel security context" endchoice endif