linux/net/Kconfig
<<
>>
Prefs
   1#
   2# Network configuration
   3#
   4
   5menuconfig NET
   6        bool "Networking support"
   7        ---help---
   8          Unless you really know what you are doing, you should say Y here.
   9          The reason is that some programs need kernel networking support even
  10          when running on a stand-alone machine that isn't connected to any
  11          other computer.
  12          
  13          If you are upgrading from an older kernel, you
  14          should consider updating your networking tools too because changes
  15          in the kernel and the tools often go hand in hand. The tools are
  16          contained in the package net-tools, the location and version number
  17          of which are given in <file:Documentation/Changes>.
  18
  19          For a general introduction to Linux networking, it is highly
  20          recommended to read the NET-HOWTO, available from
  21          <http://www.tldp.org/docs.html#howto>.
  22
  23if NET
  24
  25menu "Networking options"
  26
  27config NET_NS
  28        bool "Network namespace support"
  29        default n
  30        depends on EXPERIMENTAL && !SYSFS && NAMESPACES
  31        help
  32          Allow user space to create what appear to be multiple instances
  33          of the network stack.
  34
  35source "net/packet/Kconfig"
  36source "net/unix/Kconfig"
  37source "net/xfrm/Kconfig"
  38source "net/iucv/Kconfig"
  39
  40config INET
  41        bool "TCP/IP networking"
  42        ---help---
  43          These are the protocols used on the Internet and on most local
  44          Ethernets. It is highly recommended to say Y here (this will enlarge
  45          your kernel by about 400 KB), since some programs (e.g. the X window
  46          system) use TCP/IP even if your machine is not connected to any
  47          other computer. You will get the so-called loopback device which
  48          allows you to ping yourself (great fun, that!).
  49
  50          For an excellent introduction to Linux networking, please read the
  51          Linux Networking HOWTO, available from
  52          <http://www.tldp.org/docs.html#howto>.
  53
  54          If you say Y here and also to "/proc file system support" and
  55          "Sysctl support" below, you can change various aspects of the
  56          behavior of the TCP/IP code by writing to the (virtual) files in
  57          /proc/sys/net/ipv4/*; the options are explained in the file
  58          <file:Documentation/networking/ip-sysctl.txt>.
  59
  60          Short answer: say Y.
  61
  62if INET
  63source "net/ipv4/Kconfig"
  64source "net/ipv6/Kconfig"
  65source "net/netlabel/Kconfig"
  66
  67endif # if INET
  68
  69config NETWORK_SECMARK
  70        bool "Security Marking"
  71        help
  72          This enables security marking of network packets, similar
  73          to nfmark, but designated for security purposes.
  74          If you are unsure how to answer this question, answer N.
  75
  76menuconfig NETFILTER
  77        bool "Network packet filtering framework (Netfilter)"
  78        ---help---
  79          Netfilter is a framework for filtering and mangling network packets
  80          that pass through your Linux box.
  81
  82          The most common use of packet filtering is to run your Linux box as
  83          a firewall protecting a local network from the Internet. The type of
  84          firewall provided by this kernel support is called a "packet
  85          filter", which means that it can reject individual network packets
  86          based on type, source, destination etc. The other kind of firewall,
  87          a "proxy-based" one, is more secure but more intrusive and more
  88          bothersome to set up; it inspects the network traffic much more
  89          closely, modifies it and has knowledge about the higher level
  90          protocols, which a packet filter lacks. Moreover, proxy-based
  91          firewalls often require changes to the programs running on the local
  92          clients. Proxy-based firewalls don't need support by the kernel, but
  93          they are often combined with a packet filter, which only works if
  94          you say Y here.
  95
  96          You should also say Y here if you intend to use your Linux box as
  97          the gateway to the Internet for a local network of machines without
  98          globally valid IP addresses. This is called "masquerading": if one
  99          of the computers on your local network wants to send something to
 100          the outside, your box can "masquerade" as that computer, i.e. it
 101          forwards the traffic to the intended outside destination, but
 102          modifies the packets to make it look like they came from the
 103          firewall box itself. It works both ways: if the outside host
 104          replies, the Linux box will silently forward the traffic to the
 105          correct local computer. This way, the computers on your local net
 106          are completely invisible to the outside world, even though they can
 107          reach the outside and can receive replies. It is even possible to
 108          run globally visible servers from within a masqueraded local network
 109          using a mechanism called portforwarding. Masquerading is also often
 110          called NAT (Network Address Translation).
 111
 112          Another use of Netfilter is in transparent proxying: if a machine on
 113          the local network tries to connect to an outside host, your Linux
 114          box can transparently forward the traffic to a local server,
 115          typically a caching proxy server.
 116
 117          Yet another use of Netfilter is building a bridging firewall. Using
 118          a bridge with Network packet filtering enabled makes iptables "see"
 119          the bridged traffic. For filtering on the lower network and Ethernet
 120          protocols over the bridge, use ebtables (under bridge netfilter
 121          configuration).
 122
 123          Various modules exist for netfilter which replace the previous
 124          masquerading (ipmasqadm), packet filtering (ipchains), transparent
 125          proxying, and portforwarding mechanisms. Please see
 126          <file:Documentation/Changes> under "iptables" for the location of
 127          these packages.
 128
 129          Make sure to say N to "Fast switching" below if you intend to say Y
 130          here, as Fast switching currently bypasses netfilter.
 131
 132          Chances are that you should say Y here if you compile a kernel which
 133          will run as a router and N for regular hosts. If unsure, say N.
 134
 135if NETFILTER
 136
 137config NETFILTER_DEBUG
 138        bool "Network packet filtering debugging"
 139        depends on NETFILTER
 140        help
 141          You can say Y here if you want to get additional messages useful in
 142          debugging the netfilter code.
 143
 144config NETFILTER_ADVANCED
 145        bool "Advanced netfilter configuration"
 146        depends on NETFILTER
 147        default y
 148        help
 149          If you say Y here you can select between all the netfilter modules.
 150          If you say N the more ununsual ones will not be shown and the
 151          basic ones needed by most people will default to 'M'.
 152
 153          If unsure, say Y.
 154
 155config BRIDGE_NETFILTER
 156        bool "Bridged IP/ARP packets filtering"
 157        depends on BRIDGE && NETFILTER && INET
 158        depends on NETFILTER_ADVANCED
 159        default y
 160        ---help---
 161          Enabling this option will let arptables resp. iptables see bridged
 162          ARP resp. IP traffic. If you want a bridging firewall, you probably
 163          want this option enabled.
 164          Enabling or disabling this option doesn't enable or disable
 165          ebtables.
 166
 167          If unsure, say N.
 168
 169source "net/netfilter/Kconfig"
 170source "net/ipv4/netfilter/Kconfig"
 171source "net/ipv6/netfilter/Kconfig"
 172source "net/decnet/netfilter/Kconfig"
 173source "net/bridge/netfilter/Kconfig"
 174
 175endif
 176
 177source "net/dccp/Kconfig"
 178source "net/sctp/Kconfig"
 179source "net/tipc/Kconfig"
 180source "net/atm/Kconfig"
 181source "net/802/Kconfig"
 182source "net/bridge/Kconfig"
 183source "net/dsa/Kconfig"
 184source "net/8021q/Kconfig"
 185source "net/decnet/Kconfig"
 186source "net/llc/Kconfig"
 187source "net/ipx/Kconfig"
 188source "drivers/net/appletalk/Kconfig"
 189source "net/x25/Kconfig"
 190source "net/lapb/Kconfig"
 191source "net/econet/Kconfig"
 192source "net/wanrouter/Kconfig"
 193source "net/sched/Kconfig"
 194
 195menu "Network testing"
 196
 197config NET_PKTGEN
 198        tristate "Packet Generator (USE WITH CAUTION)"
 199        depends on PROC_FS
 200        ---help---
 201          This module will inject preconfigured packets, at a configurable
 202          rate, out of a given interface.  It is used for network interface
 203          stress testing and performance analysis.  If you don't understand
 204          what was just said, you don't need it: say N.
 205
 206          Documentation on how to use the packet generator can be found
 207          at <file:Documentation/networking/pktgen.txt>.
 208
 209          To compile this code as a module, choose M here: the
 210          module will be called pktgen.
 211
 212config NET_TCPPROBE
 213        tristate "TCP connection probing"
 214        depends on INET && EXPERIMENTAL && PROC_FS && KPROBES
 215        ---help---
 216        This module allows for capturing the changes to TCP connection
 217        state in response to incoming packets. It is used for debugging
 218        TCP congestion avoidance modules. If you don't understand
 219        what was just said, you don't need it: say N.
 220
 221        Documentation on how to use TCP connection probing can be found
 222        at http://linux-net.osdl.org/index.php/TcpProbe
 223
 224        To compile this code as a module, choose M here: the
 225        module will be called tcp_probe.
 226
 227endmenu
 228
 229endmenu
 230
 231source "net/ax25/Kconfig"
 232source "net/can/Kconfig"
 233source "net/irda/Kconfig"
 234source "net/bluetooth/Kconfig"
 235source "net/rxrpc/Kconfig"
 236source "net/phonet/Kconfig"
 237
 238config FIB_RULES
 239        bool
 240
 241menuconfig WIRELESS
 242        bool "Wireless"
 243        depends on !S390
 244        default y
 245
 246if WIRELESS
 247
 248source "net/wireless/Kconfig"
 249source "net/mac80211/Kconfig"
 250source "net/ieee80211/Kconfig"
 251
 252endif # WIRELESS
 253
 254source "net/rfkill/Kconfig"
 255source "net/9p/Kconfig"
 256
 257endif   # if NET
 258
lxr.linux.no kindly hosted by Redpill Linpro AS, provider of Linux consulting and operations services since 1995.