啦啦啦~~~
分类: 网络与安全
2011-03-25 12:09:32
| Option Name | Description |
CONFIG_UNIX | Unix domain sockets. Openswan userland (Pluto) uses these. |
CONFIG_PROC_FS | The /proc filesystem (needed by both KLIPS and NETKEY). |
CONFIG_CRYPTO | CryptoAPI, pluggable crypto modules. Necessary for NETKEY; optional for KLIPS. |
CONFIG_CRYPTO_* | Various crypto modules. HMAC, MD5, 3DES, AES, SHA1 are necessary for NETKEY; optional for KLIPS. Most of the other crypto modules should be treated with severe skepticism and probably not used at all. |
Option Name | Description |
CONFIG_IP_ADVANCED_ROUTER | This gives far better routing control and is needed for some script features, such as _updown. |
CONFIG_PACKET | Necessary for tcpdump, a debugging tool, as well as KLIPS and NETKEY |
CONFIG_NETFILTER | TCP/IP packet filter. You need this to make a firewall, or to support NAT. |
CONFIG_IPSEC_NAT_TRAVERSAL This option only appears after the kernel has been patched with the NAT-T patch | This adds support for NAT traversal by encapsulating ESP packets in UDP packets. This is needed if you wish to connect from behind a NATed network to your Openswan server. Older versions of this code call this option CONFIG_ESPINUDP. These versions are broken and should not be used. |
Option Name | Description |
CONFIG_NET_KEY | PF_KEYv2 (IPsec) sockets. |
CONFIG_XFRM_USER | IPsec user configuration interface (Openswan userland uses this). |
CONFIG_INET_AH | Authentication Header (AH) for IPv4. You probably don't need this. |
CONFIG_INET_ESP | Encapsulating Security Payload (ESP) for IPv4. |
CONFIG_INET_IPCOMP | Payload compression support. |
CONFIG_INET_TUNNEL | Generic IP tunnel transformation, needed by ipcomp. |
CONFIG_INET6_AH | Authentication Header (AH) for IPv6. You probably don't need this. |
CONFIG_INET6_ESP | Encapsulating Security Payload (ESP) for IPv6. |
CONFIG_INET6_IPCOMP | Compression mode for IPv6. |
| Option Name | Description |
CONFIG_UNIX98_PTYS | Unix PTYs. |
CONFIG_PPP | PPP support. |
CONFIG_PPP_SYNC_TTY | Synchronous PPP support. |
CONFIG_PPP_DEFLATE | Deflate support. |
CONFIG_PPP_BSDCOMP | BSD (de)compression support for IP headers. |
CONFIG_LEGACY_PTYS(linux 2.6) | Legacy PTYs (only needed when using certain older L2TP daemons). Note: This is disabled in the stock kernels for Fedora Core 2 and up. |
