# # RCSID $Id: defconfig,v 1.18 2000/11/30 17:26:56 rgb Exp $ # # # FreeS/WAN IPSec implementation, KLIPS kernel config defaults # # # First, lets override stuff already set or not in the kernel config. # # We can't even think about leaving this off... CONFIG_INET=y # # This must be on for subnet protection. CONFIG_IP_FORWARD=y # Shut off IPSEC masquerading if it has been enabled, since it will # break the compile. IPPROTO_ESP and IPPROTO_AH were included in # net/ipv4/ip_masq.c when they should have gone into include/linux/in.h. CONFIG_IP_MASQUERADE_IPSEC=n # # Next, lets set the recommended FreeS/WAN configuration. # # To config as static (preferred), 'y'. To config as module, 'm'. CONFIG_IPSEC=y # To do tunnel mode IPSec, this must be enabled. CONFIG_IPSEC_IPIP=y # To enable authentication, say 'y'. (Highly recommended) CONFIG_IPSEC_AH=y # Authentication algorithm(s): CONFIG_IPSEC_AUTH_HMAC_MD5=y CONFIG_IPSEC_AUTH_HMAC_SHA1=y # To enable encryption, say 'y'. (Highly recommended) CONFIG_IPSEC_ESP=y # Encryption algorithm(s): CONFIG_IPSEC_ENC_3DES=y # IP Compression: new, probably still has minor bugs. CONFIG_IPSEC_IPCOMP=y # To enable userspace-switchable KLIPS debugging, say 'y'. CONFIG_IPSEC_DEBUG=y # # # $Log: defconfig,v $ # Revision 1.18 2000/11/30 17:26:56 rgb # Cleaned out unused options and enabled ipcomp by default. # # Revision 1.17 2000/09/15 11:37:01 rgb # Merge in heavily modified Svenning Soerensen's # IPCOMP zlib deflate code. # # Revision 1.16 2000/09/08 19:12:55 rgb # Change references from DEBUG_IPSEC to CONFIG_IPSEC_DEBUG. # # Revision 1.15 2000/05/24 19:37:13 rgb # *** empty log message *** # # Revision 1.14 2000/05/11 21:14:57 henry # just commenting the FOOBAR=y lines out is not enough # # Revision 1.13 2000/05/10 20:17:58 rgb # Comment out netlink defaults, which are no longer needed. # # Revision 1.12 2000/05/10 19:13:38 rgb # Added configure option to shut off no eroute passthrough. # # Revision 1.11 2000/03/16 07:09:46 rgb # Hardcode PF_KEYv2 support. # Disable IPSEC_ICMP by default. # Remove DES config option from defaults file. # # Revision 1.10 2000/01/11 03:09:42 rgb # Added a default of 'y' to PF_KEYv2 keying I/F. # # Revision 1.9 1999/05/08 21:23:12 rgb # Added support for 2.2.x kernels. # # Revision 1.8 1999/04/06 04:54:25 rgb # Fix/Add RCSID Id: and Log: bits to make PHMDs happy. This includes # patch shell fixes. # #