1 RCSID $Id: Documentation.Configure.help,v 1.16 2002/01/12 03:02:35 mcr Exp $
2 --- ./Documentation/Configure.help.preipsec Sun Jun 13 13:20:59 1999
3 +++ ./Documentation/Configure.help Thu Sep 16 11:26:31 1999
5 you can read some network related routing information from that
6 file. Everything you write to that file will be discarded.
8 +IP Security Protocol (IPSEC) (EXPERIMENTAL)
10 + This unit is experimental code.
11 + Pick 'y' for static linking, 'm' for module support or 'n' for none.
12 + This option adds support for network layer packet encryption and/or
13 + authentication with participating hosts. The standards start with:
14 + RFCs 2411, 2407 and 2401. Others are mentioned where they refer to
15 + specific features below. There are more pending which can be
16 + found at: ftp://ftp.ietf.org/internet-drafts/draft-ietf-ipsec-*.
17 + A description of each document can also be found at:
18 + http://ietf.org/ids.by.wg/ipsec.html.
19 + Their charter can be found at:
20 + http://www.ietf.org/html.charters/ipsec-charter.html
21 + Snapshots and releases of the current work can be found at:
22 + http://www.freeswan.org/
24 +IPSEC: IP-in-IP encapsulation
26 + This option provides support for tunnel mode IPSEC. It is recommended
29 +IPSEC: Authentication Header
31 + This option provides support for the IPSEC Authentication Header
32 + (IP protocol 51) which provides packet layer sender and content
33 + authentication. It is recommended to enable this. RFC2402
36 +CONFIG_IPSEC_AUTH_HMAC_MD5
37 + Provides support for authentication using the HMAC MD5
38 + algorithm with 96 bits of hash used as the authenticator. RFC2403
41 +CONFIG_IPSEC_AUTH_HMAC_SHA1
42 + Provides support for Authentication Header using the HMAC SHA1
43 + algorithm with 96 bits of hash used as the authenticator. RFC2404
45 +IPSEC: Encapsulating Security Payload
47 + This option provides support for the IPSEC Encapsulation Security
48 + Payload (IP protocol 50) which provides packet layer content
49 + hiding. It is recommended to enable this. RFC2406
52 +CONFIG_IPSEC_ENC_3DES
53 + Provides support for Encapsulation Security Payload protocol, using
54 + the triple DES encryption algorithm. RFC2451
56 +IPSEC Debugging Option
58 + Enables IPSEC kernel debugging. It is further controlled by the
59 + user space utility 'klipsdebug'.
61 +IPSEC Regression Testing option
63 + Enables IPSEC regression testing. Creates a number of switches in
64 + /proc/sys/net/ipsec which cause various failure modes in KLIPS.
65 + For more details see FreeSWAN source under
66 + testing/doc/regression_options.txt.
70 If you want to use a SCSI hard disk, SCSI tapedrive, SCSI CDROM or