summaryrefslogtreecommitdiff
path: root/linux/Documentation/Configure.help.fs2_2.patch
blob: 52a133410f3cba3b30b99341ede25e714116d4ff (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
--- /a3/kernel_sources/linux-2.2.20/Documentation/Configure.help	Fri Nov  2 11:39:05 2001
+++ linux2.2/Documentation/Configure.help	Mon Jul 29 15:42:26 2002
@@ -15237,5 +15237,66 @@
    
-#
+
+IP Security Protocol (IPSEC) (EXPERIMENTAL)
+CONFIG_IPSEC
+  This unit is experimental code.
+  Pick 'y' for static linking, 'm' for module support or 'n' for none.
+  This option adds support for network layer packet encryption and/or
+  authentication with participating hosts.  The standards start with:
+  RFCs 2411, 2407 and 2401.  Others are mentioned where they refer to
+  specific features below.  There are more pending which can be found
+  at:  ftp://ftp.ietf.org/internet-drafts/draft-ietf-ipsec-*.
+  A description of each document can also be found at: 
+  http://ietf.org/ids.by.wg/ipsec.html.
+  Their charter can be found at: 
+  http://www.ietf.org/html.charters/ipsec-charter.html
+  Snapshots and releases of the current work can be found at: 
+  http://www.freeswan.org/
+
+IPSEC: IP-in-IP encapsulation
+CONFIG_IPSEC_IPIP
+  This option provides support for tunnel mode IPSEC.  It is recommended
+  to enable this.
+
+IPSEC: Authentication Header
+CONFIG_IPSEC_AH
+  This option provides support for the IPSEC Authentication Header
+  (IP protocol 51) which provides packet layer sender and content
+  authentication.  It is recommended to enable this.  RFC2402
+
+HMAC-MD5 algorithm
+CONFIG_IPSEC_AUTH_HMAC_MD5
+  Provides support for authentication using the HMAC MD5
+  algorithm with 96 bits of hash used as the authenticator.  RFC2403
+
+HMAC-SHA1 algorithm
+CONFIG_IPSEC_AUTH_HMAC_SHA1
+  Provides support for Authentication Header using the HMAC SHA1
+  algorithm with 96 bits of hash used as the authenticator.  RFC2404
+
+IPSEC: Encapsulating Security Payload
+CONFIG_IPSEC_ESP
+  This option provides support for the IPSEC Encapsulation Security
+  Payload (IP protocol 50) which provides packet layer content
+  hiding.  It is recommended to enable this.  RFC2406
+
+3DES algorithm
+CONFIG_IPSEC_ENC_3DES
+  Provides support for Encapsulation Security Payload protocol, using
+  the triple DES encryption algorithm.  RFC2451
+
+IPSEC Debugging Option
+CONFIG_IPSEC_DEBUG
+  Enables IPSEC kernel debugging.  It is further controlled by the
+  user space utility 'klipsdebug'.
+
+IPSEC Regression Testing option
+CONFIG_IPSEC_REGRESS
+  Enables IPSEC regression testing. Creates a number of switches in
+  /proc/sys/net/ipsec which cause various failure modes in KLIPS.
+  For more details see FreeSWAN source under 
+  testing/doc/regression_options.txt.
+
+#  
 # A couple of things I keep forgetting:
 #   capitalize: AppleTalk, Ethernet, DOS, DMA, FAT, FTP, Internet, 
 #               Intel, IRQ, Linux, MSDOS, NetWare, NetWinder, NFS,