Sākums Izpētīt Palīdzība
Pierakstīties
Rydia
/
linux-phytium
Vērot 1
Pievienot zvaigznīti 0
Atdalīts 0
Faili Problēmas 0 Izmaiņu pieprasījumi 0 Vikivietne
Koks: 6793c0e942
Atzari Tagi
linux-phytium
/
net
/
xfrm
/
Kconfig

Kconfig 2.5 KB
Vēsture Neapstrādāts

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100 
  1. #
    2. 

  2. # XFRM configuration
    3. 

  3. #
    4. 

  4. config XFRM
    5. 

  5.        bool
    6. 

  6.        depends on NET
    7. 

  7.        select GRO_CELLS
    8. 

  8. 

  9. config XFRM_OFFLOAD
    10. 

  10.        bool
    11. 

  11.        depends on XFRM
    12. 

  12. 

  13. config XFRM_ALGO
    14. 

  14. 	tristate
    15. 

  15. 	select XFRM
    16. 

  16. 	select CRYPTO
    17. 

  17. 	select CRYPTO_HASH
    18. 

  18. 	select CRYPTO_BLKCIPHER
    19. 

  19. 

  20. config XFRM_USER
    21. 

  21. 	tristate "Transformation user configuration interface"
    22. 

  22. 	depends on INET
    23. 

  23. 	select XFRM_ALGO
    24. 

  24. 	---help---
    25. 

  25. 	  Support for Transformation(XFRM) user configuration interface
    26. 

  26. 	  like IPsec used by native Linux tools.
    27. 

  27. 

  28. 	  If unsure, say Y.
    29. 

  29. 

  30. config XFRM_INTERFACE
    31. 

  31. 	tristate "Transformation virtual interface"
    32. 

  32. 	depends on XFRM && IPV6
    33. 

  33. 	---help---
    34. 

  34. 	  This provides a virtual interface to route IPsec traffic.
    35. 

  35. 

  36. 	  If unsure, say N.
    37. 

  37. 

  38. config XFRM_SUB_POLICY
    39. 

  39. 	bool "Transformation sub policy support"
    40. 

  40. 	depends on XFRM
    41. 

  41. 	---help---
    42. 

  42. 	  Support sub policy for developers. By using sub policy with main
    43. 

  43. 	  one, two policies can be applied to the same packet at once.
    44. 

  44. 	  Policy which lives shorter time in kernel should be a sub.
    45. 

  45. 

  46. 	  If unsure, say N.
    47. 

  47. 

  48. config XFRM_MIGRATE
    49. 

  49. 	bool "Transformation migrate database"
    50. 

  50. 	depends on XFRM
    51. 

  51. 	---help---
    52. 

  52. 	  A feature to update locator(s) of a given IPsec security
    53. 

  53. 	  association dynamically.  This feature is required, for
    54. 

  54. 	  instance, in a Mobile IPv6 environment with IPsec configuration
    55. 

  55. 	  where mobile nodes change their attachment point to the Internet.
    56. 

  56. 

  57. 	  If unsure, say N.
    58. 

  58. 

  59. config XFRM_STATISTICS
    60. 

  60. 	bool "Transformation statistics"
    61. 

  61. 	depends on INET && XFRM && PROC_FS
    62. 

  62. 	---help---
    63. 

  63. 	  This statistics is not a SNMP/MIB specification but shows
    64. 

  64. 	  statistics about transformation error (or almost error) factor
    65. 

  65. 	  at packet processing for developer.
    66. 

  66. 

  67. 	  If unsure, say N.
    68. 

  68. 

  69. config XFRM_IPCOMP
    70. 

  70. 	tristate
    71. 

  71. 	select XFRM_ALGO
    72. 

  72. 	select CRYPTO
    73. 

  73. 	select CRYPTO_DEFLATE
    74. 

  74. 

  75. config NET_KEY
    76. 

  76. 	tristate "PF_KEY sockets"
    77. 

  77. 	select XFRM_ALGO
    78. 

  78. 	---help---
    79. 

  79. 	  PF_KEYv2 socket family, compatible to KAME ones.
    80. 

  80. 	  They are required if you are going to use IPsec tools ported
    81. 

  81. 	  from KAME.
    82. 

  82. 

  83. 	  Say Y unless you know what you are doing.
    84. 

  84. 

  85. config NET_KEY_MIGRATE
    86. 

  86. 	bool "PF_KEY MIGRATE"
    87. 

  87. 	depends on NET_KEY
    88. 

  88. 	select XFRM_MIGRATE
    89. 

  89. 	---help---
    90. 

  90. 	  Add a PF_KEY MIGRATE message to PF_KEYv2 socket family.
    91. 

  91. 	  The PF_KEY MIGRATE message is used to dynamically update
    92. 

  92. 	  locator(s) of a given IPsec security association.
    93. 

  93. 	  This feature is required, for instance, in a Mobile IPv6
    94. 

  94. 	  environment with IPsec configuration where mobile nodes
    95. 

  95. 	  change their attachment point to the Internet.  Detail
    96. 

  96. 	  information can be found in the internet-draft
    97. 

  97. 	  <draft-sugimoto-mip6-pfkey-migrate>.
    98. 

  98. 

  99. 	  If unsure, say N.
    100. 

  100.