openwrt/package/utils/busybox/config/networking/Config.in

1219 lines
41 KiB
Plaintext
Raw Normal View History

# DO NOT EDIT. This file is generated from Config.src
#
# For a description of the syntax of this configuration file,
# see docs/Kconfig-language.txt.
#
menu "Networking Utilities"
config BUSYBOX_CONFIG_FEATURE_IPV6
bool "Enable IPv6 support"
default BUSYBOX_DEFAULT_FEATURE_IPV6
help
Enable IPv6 support in busybox.
This adds IPv6 support in the networking applets.
config BUSYBOX_CONFIG_FEATURE_UNIX_LOCAL
bool "Enable Unix domain socket support (usually not needed)"
default BUSYBOX_DEFAULT_FEATURE_UNIX_LOCAL
help
Enable Unix domain socket support in all busybox networking
applets. Address of the form local:/path/to/unix/socket
will be recognized.
This extension is almost never used in real world usage.
You most likely want to say N.
config BUSYBOX_CONFIG_FEATURE_PREFER_IPV4_ADDRESS
bool "Prefer IPv4 addresses from DNS queries"
default BUSYBOX_DEFAULT_FEATURE_PREFER_IPV4_ADDRESS
depends on BUSYBOX_CONFIG_FEATURE_IPV6
help
Use IPv4 address of network host if it has one.
If this option is off, the first returned address will be used.
This may cause problems when your DNS server is IPv6-capable and
is returning IPv6 host addresses too. If IPv6 address
precedes IPv4 one in DNS reply, busybox network applets
(e.g. wget) will use IPv6 address. On an IPv6-incapable host
or network applets will fail to connect to the host
using IPv6 address.
config BUSYBOX_CONFIG_VERBOSE_RESOLUTION_ERRORS
bool "Verbose resolution errors"
default BUSYBOX_DEFAULT_VERBOSE_RESOLUTION_ERRORS
help
Enable if you are not satisfied with simplistic
"can't resolve 'hostname.com'" and want to know more.
This may increase size of your executable a bit.
config BUSYBOX_CONFIG_FEATURE_TLS_SHA1
bool "In TLS code, support ciphers which use deprecated SHA1"
depends on BUSYBOX_CONFIG_TLS
default BUSYBOX_DEFAULT_FEATURE_TLS_SHA1
help
Selecting this option increases interoperability with very old
servers, but slightly increases code size.
Most TLS servers support SHA256 today (2018), since SHA1 is
considered possibly insecure (although not yet definitely broken).
config BUSYBOX_CONFIG_ARP
bool "arp (10 kb)"
default BUSYBOX_DEFAULT_ARP
help
Manipulate the system ARP cache.
config BUSYBOX_CONFIG_ARPING
bool "arping (9 kb)"
default BUSYBOX_DEFAULT_ARPING
help
Ping hosts by ARP packets.
config BUSYBOX_CONFIG_BRCTL
bool "brctl (4.7 kb)"
default BUSYBOX_DEFAULT_BRCTL
help
Manage ethernet bridges.
Supports addbr/delbr and addif/delif.
config BUSYBOX_CONFIG_FEATURE_BRCTL_FANCY
bool "Fancy options"
default BUSYBOX_DEFAULT_FEATURE_BRCTL_FANCY
depends on BUSYBOX_CONFIG_BRCTL
help
Add support for extended option like:
setageing, setfd, sethello, setmaxage,
setpathcost, setportprio, setbridgeprio,
stp
This adds about 600 bytes.
config BUSYBOX_CONFIG_FEATURE_BRCTL_SHOW
bool "Support show"
default BUSYBOX_DEFAULT_FEATURE_BRCTL_SHOW
depends on BUSYBOX_CONFIG_BRCTL && BUSYBOX_CONFIG_FEATURE_BRCTL_FANCY
help
Add support for option which prints the current config:
show
config BUSYBOX_CONFIG_DNSD
bool "dnsd (9.8 kb)"
default BUSYBOX_DEFAULT_DNSD
help
Small and static DNS server daemon.
config BUSYBOX_CONFIG_ETHER_WAKE
bool "ether-wake (4.9 kb)"
default BUSYBOX_DEFAULT_ETHER_WAKE
help
Send a magic packet to wake up sleeping machines.
config BUSYBOX_CONFIG_FTPD
bool "ftpd (30 kb)"
default BUSYBOX_DEFAULT_FTPD
help
Simple FTP daemon. You have to run it via inetd.
config BUSYBOX_CONFIG_FEATURE_FTPD_WRITE
bool "Enable -w (upload commands)"
default BUSYBOX_DEFAULT_FEATURE_FTPD_WRITE
depends on BUSYBOX_CONFIG_FTPD
help
Enable -w option. "ftpd -w" will accept upload commands
such as STOR, STOU, APPE, DELE, MKD, RMD, rename commands.
config BUSYBOX_CONFIG_FEATURE_FTPD_ACCEPT_BROKEN_LIST
bool "Enable workaround for RFC-violating clients"
default BUSYBOX_DEFAULT_FEATURE_FTPD_ACCEPT_BROKEN_LIST
depends on BUSYBOX_CONFIG_FTPD
help
Some ftp clients (among them KDE's Konqueror) issue illegal
"LIST -l" requests. This option works around such problems.
It might prevent you from listing files starting with "-" and
it increases the code size by ~40 bytes.
Most other ftp servers seem to behave similar to this.
config BUSYBOX_CONFIG_FEATURE_FTPD_AUTHENTICATION
bool "Enable authentication"
default BUSYBOX_DEFAULT_FEATURE_FTPD_AUTHENTICATION
depends on BUSYBOX_CONFIG_FTPD
help
Require login, and change to logged in user's UID:GID before
accessing any files. Option "-a USER" allows "anonymous"
logins (treats them as if USER logged in).
If this option is not selected, ftpd runs with the rights
of the user it was started under, and does not require login.
Take care to not launch it under root.
config BUSYBOX_CONFIG_FTPGET
bool "ftpget (7.8 kb)"
default BUSYBOX_DEFAULT_FTPGET
help
Retrieve a remote file via FTP.
config BUSYBOX_CONFIG_FTPPUT
bool "ftpput (7.5 kb)"
default BUSYBOX_DEFAULT_FTPPUT
help
Store a remote file via FTP.
config BUSYBOX_CONFIG_FEATURE_FTPGETPUT_LONG_OPTIONS
bool "Enable long options in ftpget/ftpput"
default BUSYBOX_DEFAULT_FEATURE_FTPGETPUT_LONG_OPTIONS
depends on BUSYBOX_CONFIG_LONG_OPTS && (BUSYBOX_CONFIG_FTPGET || BUSYBOX_CONFIG_FTPPUT)
config BUSYBOX_CONFIG_HOSTNAME
bool "hostname (5.5 kb)"
default BUSYBOX_DEFAULT_HOSTNAME
help
Show or set the system's host name.
config BUSYBOX_CONFIG_DNSDOMAINNAME
bool "dnsdomainname (3.6 kb)"
default BUSYBOX_DEFAULT_DNSDOMAINNAME
help
Alias to "hostname -d".
config BUSYBOX_CONFIG_HTTPD
bool "httpd (32 kb)"
default BUSYBOX_DEFAULT_HTTPD
help
HTTP server.
config BUSYBOX_CONFIG_FEATURE_HTTPD_RANGES
bool "Support 'Ranges:' header"
default BUSYBOX_DEFAULT_FEATURE_HTTPD_RANGES
depends on BUSYBOX_CONFIG_HTTPD
help
Makes httpd emit "Accept-Ranges: bytes" header and understand
"Range: bytes=NNN-[MMM]" header. Allows for resuming interrupted
downloads, seeking in multimedia players etc.
config BUSYBOX_CONFIG_FEATURE_HTTPD_SETUID
bool "Enable -u <user> option"
default BUSYBOX_DEFAULT_FEATURE_HTTPD_SETUID
depends on BUSYBOX_CONFIG_HTTPD
help
This option allows the server to run as a specific user
rather than defaulting to the user that starts the server.
Use of this option requires special privileges to change to a
different user.
config BUSYBOX_CONFIG_FEATURE_HTTPD_BASIC_AUTH
bool "Enable HTTP authentication"
default BUSYBOX_DEFAULT_FEATURE_HTTPD_BASIC_AUTH
depends on BUSYBOX_CONFIG_HTTPD
help
Utilizes password settings from /etc/httpd.conf for basic
authentication on a per url basis.
Example for httpd.conf file:
/adm:toor:PaSsWd
config BUSYBOX_CONFIG_FEATURE_HTTPD_AUTH_MD5
bool "Support MD5-encrypted passwords in HTTP authentication"
default BUSYBOX_DEFAULT_FEATURE_HTTPD_AUTH_MD5
depends on BUSYBOX_CONFIG_FEATURE_HTTPD_BASIC_AUTH
help
Enables encrypted passwords, and wildcard user/passwords
in httpd.conf file.
User '*' means 'any system user name is ok',
password of '*' means 'use system password for this user'
Examples:
/adm:toor:$1$P/eKnWXS$aI1aPGxT.dJD5SzqAKWrF0
/adm:root:*
/wiki:*:*
config BUSYBOX_CONFIG_FEATURE_HTTPD_CGI
bool "Support Common Gateway Interface (CGI)"
default BUSYBOX_DEFAULT_FEATURE_HTTPD_CGI
depends on BUSYBOX_CONFIG_HTTPD
help
This option allows scripts and executables to be invoked
when specific URLs are requested.
config BUSYBOX_CONFIG_FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR
bool "Support running scripts through an interpreter"
default BUSYBOX_DEFAULT_FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR
depends on BUSYBOX_CONFIG_FEATURE_HTTPD_CGI
help
This option enables support for running scripts through an
interpreter. Turn this on if you want PHP scripts to work
properly. You need to supply an additional line in your
httpd.conf file:
*.php:/path/to/your/php
config BUSYBOX_CONFIG_FEATURE_HTTPD_SET_REMOTE_PORT_TO_ENV
bool "Set REMOTE_PORT environment variable for CGI"
default BUSYBOX_DEFAULT_FEATURE_HTTPD_SET_REMOTE_PORT_TO_ENV
depends on BUSYBOX_CONFIG_FEATURE_HTTPD_CGI
help
Use of this option can assist scripts in generating
references that contain a unique port number.
config BUSYBOX_CONFIG_FEATURE_HTTPD_ENCODE_URL_STR
bool "Enable -e option (useful for CGIs written as shell scripts)"
default BUSYBOX_DEFAULT_FEATURE_HTTPD_ENCODE_URL_STR
depends on BUSYBOX_CONFIG_HTTPD
help
This option allows html encoding of arbitrary strings for display
by the browser. Output goes to stdout.
For example, httpd -e "<Hello World>" produces
"&#60Hello&#32World&#62".
config BUSYBOX_CONFIG_FEATURE_HTTPD_ERROR_PAGES
bool "Support custom error pages"
default BUSYBOX_DEFAULT_FEATURE_HTTPD_ERROR_PAGES
depends on BUSYBOX_CONFIG_HTTPD
help
This option allows you to define custom error pages in
the configuration file instead of the default HTTP status
error pages. For instance, if you add the line:
E404:/path/e404.html
in the config file, the server will respond the specified
'/path/e404.html' file instead of the terse '404 NOT FOUND'
message.
config BUSYBOX_CONFIG_FEATURE_HTTPD_PROXY
bool "Support reverse proxy"
default BUSYBOX_DEFAULT_FEATURE_HTTPD_PROXY
depends on BUSYBOX_CONFIG_HTTPD
help
This option allows you to define URLs that will be forwarded
to another HTTP server. To setup add the following line to the
configuration file
P:/url/:http://hostname[:port]/new/path/
Then a request to /url/myfile will be forwarded to
http://hostname[:port]/new/path/myfile.
config BUSYBOX_CONFIG_FEATURE_HTTPD_GZIP
bool "Support GZIP content encoding"
default BUSYBOX_DEFAULT_FEATURE_HTTPD_GZIP
depends on BUSYBOX_CONFIG_HTTPD
help
Makes httpd send files using GZIP content encoding if the
client supports it and a pre-compressed <file>.gz exists.
busybox: update to 1.33 Remove stime backport. Remove static libgcc patch as upstream fixed it with BUSYBOX_DEFAULT_STATIC_LIBGCC which defauls to off. Remove date -k patch as it no longer applies. It's also pointless as busybox' hwclock utility can do the same thing. Remove ntpd patch as that seems to have been applied upstream. Add smalll patch fixing compilation with SELinux. Upstream commit 2496616b0a8d1c80cd1416b73a4847b59b9f969a renamed the variable without renaming it in the SELinux path. Refresh config and patches. Config refresh: Refresh commands, run after busybox is first built once: cd package/utils/busybox/config/ ../convert_menuconfig.pl ../../../../build_dir/target-mips_24kc_musl/busybox-default/busybox-1.33.0 cd .. ./convert_defaults.pl < ../../../build_dir/target-mips_24kc_musl/busybox-default/busybox-1.33.0/.config > Config-defaults.in Manual edits needed afterward: * Config-defaults.in: OpenWrt config symbol IPV6 logic applied to BUSYBOX_DEFAULT_FEATURE_IPV6 * Config-defaults.in: OpenWrt configTARGET_bcm53xx logic applied to BUSYBOX_DEFAULT_TRUNCATE (commit 547f1ec) * editors/Config.in: Add USE_GLIBC dependency to BUSYBOX_CONFIG_FEATURE_VI_REGEX_SEARCH (commit f141090) * shell/Config.in : change at "Options common to all shells" the symbol SHELL_ASH --> BUSYBOX_CONFIG_SHELL_ASH (discussion in http://lists.openwrt.org/pipermail/openwrt-devel/2021-January/033140.html Apparently our script does not see the hidden option while prepending config options with "BUSYBOX_CONFIG_" which leads to a missed dependency when the options are later evaluated.) * Edit Config.in files by adding quotes to sourced items in config/Config.in, networking/Config.in and util-linux/Config.in (commit 1da014f) Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> [Added comments from Hannu Nyman to commit message] Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-02-01 00:15:53 +00:00
config BUSYBOX_CONFIG_FEATURE_HTTPD_ETAG
bool "Support caching via ETag header"
default BUSYBOX_DEFAULT_FEATURE_HTTPD_ETAG
depends on BUSYBOX_CONFIG_HTTPD
help
If server responds with ETag then next time client (browser)
resend it via If-None-Match header.
Then httpd will check if file wasn't modified and if not,
return 304 Not Modified status code.
The ETag value is constructed from last modification date
in unix epoch, and size: "hex(last_mod)-hex(file_size)".
It's not completely reliable as hash functions but fair enough.
config BUSYBOX_CONFIG_FEATURE_HTTPD_LAST_MODIFIED
bool "Add Last-Modified header to response"
default BUSYBOX_DEFAULT_FEATURE_HTTPD_LAST_MODIFIED
depends on BUSYBOX_CONFIG_HTTPD
help
The Last-Modified header is used for cache validation.
The client sends last seen mtime to server in If-Modified-Since.
Both headers MUST be an RFC 1123 formatted, which is hard to parse.
Use ETag header instead.
config BUSYBOX_CONFIG_FEATURE_HTTPD_DATE
bool "Add Date header to response"
default BUSYBOX_DEFAULT_FEATURE_HTTPD_DATE
depends on BUSYBOX_CONFIG_HTTPD
help
RFC2616 says that server MUST add Date header to response.
But it is almost useless and can be omitted.
config BUSYBOX_CONFIG_FEATURE_HTTPD_ACL_IP
bool "ACL IP"
default BUSYBOX_DEFAULT_FEATURE_HTTPD_ACL_IP
depends on BUSYBOX_CONFIG_HTTPD
help
Support IP deny/allow rules
config BUSYBOX_CONFIG_IFCONFIG
bool "ifconfig (12 kb)"
default BUSYBOX_DEFAULT_IFCONFIG
help
Ifconfig is used to configure the kernel-resident network interfaces.
config BUSYBOX_CONFIG_FEATURE_IFCONFIG_STATUS
bool "Enable status reporting output (+7k)"
default BUSYBOX_DEFAULT_FEATURE_IFCONFIG_STATUS
depends on BUSYBOX_CONFIG_IFCONFIG
help
If ifconfig is called with no arguments it will display the status
of the currently active interfaces.
config BUSYBOX_CONFIG_FEATURE_IFCONFIG_SLIP
bool "Enable slip-specific options \"keepalive\" and \"outfill\""
default BUSYBOX_DEFAULT_FEATURE_IFCONFIG_SLIP
depends on BUSYBOX_CONFIG_IFCONFIG
help
Allow "keepalive" and "outfill" support for SLIP. If you're not
planning on using serial lines, leave this unchecked.
config BUSYBOX_CONFIG_FEATURE_IFCONFIG_MEMSTART_IOADDR_IRQ
bool "Enable options \"mem_start\", \"io_addr\", and \"irq\""
default BUSYBOX_DEFAULT_FEATURE_IFCONFIG_MEMSTART_IOADDR_IRQ
depends on BUSYBOX_CONFIG_IFCONFIG
help
Allow the start address for shared memory, start address for I/O,
and/or the interrupt line used by the specified device.
config BUSYBOX_CONFIG_FEATURE_IFCONFIG_HW
bool "Enable option \"hw\" (ether only)"
default BUSYBOX_DEFAULT_FEATURE_IFCONFIG_HW
depends on BUSYBOX_CONFIG_IFCONFIG
help
Set the hardware address of this interface, if the device driver
supports this operation. Currently, we only support the 'ether'
class.
config BUSYBOX_CONFIG_FEATURE_IFCONFIG_BROADCAST_PLUS
bool "Set the broadcast automatically"
default BUSYBOX_DEFAULT_FEATURE_IFCONFIG_BROADCAST_PLUS
depends on BUSYBOX_CONFIG_IFCONFIG
help
Setting this will make ifconfig attempt to find the broadcast
automatically if the value '+' is used.
config BUSYBOX_CONFIG_IFENSLAVE
bool "ifenslave (13 kb)"
default BUSYBOX_DEFAULT_IFENSLAVE
help
Userspace application to bind several interfaces
to a logical interface (use with kernel bonding driver).
config BUSYBOX_CONFIG_IFPLUGD
bool "ifplugd (10 kb)"
default BUSYBOX_DEFAULT_IFPLUGD
help
Network interface plug detection daemon.
config BUSYBOX_CONFIG_IFUP
bool "ifup (14 kb)"
default BUSYBOX_DEFAULT_IFUP
help
Activate the specified interfaces. This applet makes use
of either "ifconfig" and "route" or the "ip" command to actually
configure network interfaces. Therefore, you will probably also want
to enable either IFCONFIG and ROUTE, or enable
FEATURE_IFUPDOWN_IP and the various IP options. Of
course you could use non-busybox versions of these programs, so
against my better judgement (since this will surely result in plenty
of support questions on the mailing list), I do not force you to
enable these additional options. It is up to you to supply either
"ifconfig", "route" and "run-parts" or the "ip" command, either
via busybox or via standalone utilities.
config BUSYBOX_CONFIG_IFDOWN
bool "ifdown (13 kb)"
default BUSYBOX_DEFAULT_IFDOWN
help
Deactivate the specified interfaces.
config BUSYBOX_CONFIG_IFUPDOWN_IFSTATE_PATH
string "Absolute path to ifstate file"
default BUSYBOX_DEFAULT_IFUPDOWN_IFSTATE_PATH
depends on BUSYBOX_CONFIG_IFUP || BUSYBOX_CONFIG_IFDOWN
help
ifupdown keeps state information in a file called ifstate.
Typically it is located in /var/run/ifstate, however
some distributions tend to put it in other places
(debian, for example, uses /etc/network/run/ifstate).
This config option defines location of ifstate.
config BUSYBOX_CONFIG_FEATURE_IFUPDOWN_IP
bool "Use ip tool (else ifconfig/route is used)"
default BUSYBOX_DEFAULT_FEATURE_IFUPDOWN_IP
depends on BUSYBOX_CONFIG_IFUP || BUSYBOX_CONFIG_IFDOWN
help
Use the iproute "ip" command to implement "ifup" and "ifdown", rather
than the default of using the older "ifconfig" and "route" utilities.
If Y: you must install either the full-blown iproute2 package
or enable "ip" applet in busybox, or the "ifup" and "ifdown" applets
will not work.
If N: you must install either the full-blown ifconfig and route
utilities, or enable these applets in busybox.
config BUSYBOX_CONFIG_FEATURE_IFUPDOWN_IPV4
bool "Support IPv4"
default BUSYBOX_DEFAULT_FEATURE_IFUPDOWN_IPV4
depends on BUSYBOX_CONFIG_IFUP || BUSYBOX_CONFIG_IFDOWN
help
If you want ifup/ifdown to talk IPv4, leave this on.
config BUSYBOX_CONFIG_FEATURE_IFUPDOWN_IPV6
bool "Support IPv6"
default BUSYBOX_DEFAULT_FEATURE_IFUPDOWN_IPV6
depends on (BUSYBOX_CONFIG_IFUP || BUSYBOX_CONFIG_IFDOWN) && BUSYBOX_CONFIG_FEATURE_IPV6
help
If you need support for IPv6, turn this option on.
config BUSYBOX_CONFIG_FEATURE_IFUPDOWN_MAPPING
bool "Enable mapping support"
default BUSYBOX_DEFAULT_FEATURE_IFUPDOWN_MAPPING
depends on BUSYBOX_CONFIG_IFUP || BUSYBOX_CONFIG_IFDOWN
help
This enables support for the "mapping" stanza, unless you have
a weird network setup you don't need it.
config BUSYBOX_CONFIG_FEATURE_IFUPDOWN_EXTERNAL_DHCP
bool "Support external DHCP clients"
default BUSYBOX_DEFAULT_FEATURE_IFUPDOWN_EXTERNAL_DHCP
depends on BUSYBOX_CONFIG_IFUP || BUSYBOX_CONFIG_IFDOWN
help
This enables support for the external dhcp clients. Clients are
tried in the following order: dhcpcd, dhclient, pump and udhcpc.
Otherwise, if udhcpc applet is enabled, it is used.
Otherwise, ifup/ifdown will have no support for DHCP.
config BUSYBOX_CONFIG_INETD
bool "inetd (18 kb)"
default BUSYBOX_DEFAULT_INETD
select BUSYBOX_CONFIG_FEATURE_SYSLOG
help
Internet superserver daemon
config BUSYBOX_CONFIG_FEATURE_INETD_SUPPORT_BUILTIN_ECHO
bool "Support echo service on port 7"
default BUSYBOX_DEFAULT_FEATURE_INETD_SUPPORT_BUILTIN_ECHO
depends on BUSYBOX_CONFIG_INETD
help
Internal service which echoes data back.
Activated by configuration lines like these:
echo stream tcp nowait root internal
echo dgram udp wait root internal
config BUSYBOX_CONFIG_FEATURE_INETD_SUPPORT_BUILTIN_DISCARD
bool "Support discard service on port 8"
default BUSYBOX_DEFAULT_FEATURE_INETD_SUPPORT_BUILTIN_DISCARD
depends on BUSYBOX_CONFIG_INETD
help
Internal service which discards all input.
Activated by configuration lines like these:
discard stream tcp nowait root internal
discard dgram udp wait root internal
config BUSYBOX_CONFIG_FEATURE_INETD_SUPPORT_BUILTIN_TIME
bool "Support time service on port 37"
default BUSYBOX_DEFAULT_FEATURE_INETD_SUPPORT_BUILTIN_TIME
depends on BUSYBOX_CONFIG_INETD
help
Internal service which returns big-endian 32-bit number
of seconds passed since 1900-01-01. The number wraps around
on overflow.
Activated by configuration lines like these:
time stream tcp nowait root internal
time dgram udp wait root internal
config BUSYBOX_CONFIG_FEATURE_INETD_SUPPORT_BUILTIN_DAYTIME
bool "Support daytime service on port 13"
default BUSYBOX_DEFAULT_FEATURE_INETD_SUPPORT_BUILTIN_DAYTIME
depends on BUSYBOX_CONFIG_INETD
help
Internal service which returns human-readable time.
Activated by configuration lines like these:
daytime stream tcp nowait root internal
daytime dgram udp wait root internal
config BUSYBOX_CONFIG_FEATURE_INETD_SUPPORT_BUILTIN_CHARGEN
bool "Support chargen service on port 19"
default BUSYBOX_DEFAULT_FEATURE_INETD_SUPPORT_BUILTIN_CHARGEN
depends on BUSYBOX_CONFIG_INETD
help
Internal service which generates endless stream
of all ASCII chars beetween space and char 126.
Activated by configuration lines like these:
chargen stream tcp nowait root internal
chargen dgram udp wait root internal
config BUSYBOX_CONFIG_FEATURE_INETD_RPC
bool "Support RPC services"
default BUSYBOX_DEFAULT_FEATURE_INETD_RPC # very rarely used, and needs Sun RPC support in libc
depends on BUSYBOX_CONFIG_INETD
help
Support Sun-RPC based services
config BUSYBOX_CONFIG_IP
bool "ip (35 kb)"
default BUSYBOX_DEFAULT_IP
help
The "ip" applet is a TCP/IP interface configuration and routing
utility.
Short forms (enabled below) are busybox-specific extensions.
The standard "ip" utility does not provide them. If you are
trying to be portable, it's better to use "ip CMD" forms.
config BUSYBOX_CONFIG_IPADDR
bool "ipaddr (14 kb)"
default BUSYBOX_DEFAULT_IPADDR
select BUSYBOX_CONFIG_FEATURE_IP_ADDRESS
help
Short form of "ip addr"
config BUSYBOX_CONFIG_IPLINK
bool "iplink (17 kb)"
default BUSYBOX_DEFAULT_IPLINK
select BUSYBOX_CONFIG_FEATURE_IP_LINK
help
Short form of "ip link"
config BUSYBOX_CONFIG_IPROUTE
bool "iproute (15 kb)"
default BUSYBOX_DEFAULT_IPROUTE
select BUSYBOX_CONFIG_FEATURE_IP_ROUTE
help
Short form of "ip route"
config BUSYBOX_CONFIG_IPTUNNEL
bool "iptunnel (9.6 kb)"
default BUSYBOX_DEFAULT_IPTUNNEL
select BUSYBOX_CONFIG_FEATURE_IP_TUNNEL
help
Short form of "ip tunnel"
config BUSYBOX_CONFIG_IPRULE
bool "iprule (10 kb)"
default BUSYBOX_DEFAULT_IPRULE
select BUSYBOX_CONFIG_FEATURE_IP_RULE
help
Short form of "ip rule"
config BUSYBOX_CONFIG_IPNEIGH
bool "ipneigh (8.3 kb)"
default BUSYBOX_DEFAULT_IPNEIGH
select BUSYBOX_CONFIG_FEATURE_IP_NEIGH
help
Short form of "ip neigh"
config BUSYBOX_CONFIG_FEATURE_IP_ADDRESS
bool "ip address"
default BUSYBOX_DEFAULT_FEATURE_IP_ADDRESS
depends on BUSYBOX_CONFIG_IP || BUSYBOX_CONFIG_IPADDR
help
Address manipulation support for the "ip" applet.
config BUSYBOX_CONFIG_FEATURE_IP_LINK
bool "ip link"
default BUSYBOX_DEFAULT_FEATURE_IP_LINK
depends on BUSYBOX_CONFIG_IP || BUSYBOX_CONFIG_IPLINK
help
Configure network devices with "ip".
config BUSYBOX_CONFIG_FEATURE_IP_ROUTE
bool "ip route"
default BUSYBOX_DEFAULT_FEATURE_IP_ROUTE
depends on BUSYBOX_CONFIG_IP || BUSYBOX_CONFIG_IPROUTE
help
Add support for routing table management to "ip".
config BUSYBOX_CONFIG_FEATURE_IP_ROUTE_DIR
string "ip route configuration directory"
default BUSYBOX_DEFAULT_FEATURE_IP_ROUTE_DIR
depends on BUSYBOX_CONFIG_FEATURE_IP_ROUTE
help
Location of the "ip" applet routing configuration.
config BUSYBOX_CONFIG_FEATURE_IP_TUNNEL
bool "ip tunnel"
default BUSYBOX_DEFAULT_FEATURE_IP_TUNNEL
depends on BUSYBOX_CONFIG_IP || BUSYBOX_CONFIG_IPTUNNEL
help
Add support for tunneling commands to "ip".
config BUSYBOX_CONFIG_FEATURE_IP_RULE
bool "ip rule"
default BUSYBOX_DEFAULT_FEATURE_IP_RULE
depends on BUSYBOX_CONFIG_IP || BUSYBOX_CONFIG_IPRULE
help
Add support for rule commands to "ip".
config BUSYBOX_CONFIG_FEATURE_IP_NEIGH
bool "ip neighbor"
default BUSYBOX_DEFAULT_FEATURE_IP_NEIGH
depends on BUSYBOX_CONFIG_IP || BUSYBOX_CONFIG_IPNEIGH
help
Add support for neighbor commands to "ip".
config BUSYBOX_CONFIG_FEATURE_IP_RARE_PROTOCOLS
bool "Support displaying rarely used link types"
default BUSYBOX_DEFAULT_FEATURE_IP_RARE_PROTOCOLS
depends on BUSYBOX_CONFIG_IP || BUSYBOX_CONFIG_IPADDR || BUSYBOX_CONFIG_IPLINK || BUSYBOX_CONFIG_IPROUTE || BUSYBOX_CONFIG_IPTUNNEL || BUSYBOX_CONFIG_IPRULE || BUSYBOX_CONFIG_IPNEIGH
help
If you are not going to use links of type "frad", "econet",
"bif" etc, you probably don't need to enable this.
Ethernet, wireless, infrared, ppp/slip, ip tunnelling
link types are supported without this option selected.
config BUSYBOX_CONFIG_IPCALC
bool "ipcalc (4.4 kb)"
default BUSYBOX_DEFAULT_IPCALC
help
ipcalc takes an IP address and netmask and calculates the
resulting broadcast, network, and host range.
config BUSYBOX_CONFIG_FEATURE_IPCALC_LONG_OPTIONS
bool "Enable long options"
default BUSYBOX_DEFAULT_FEATURE_IPCALC_LONG_OPTIONS
depends on BUSYBOX_CONFIG_IPCALC && BUSYBOX_CONFIG_LONG_OPTS
config BUSYBOX_CONFIG_FEATURE_IPCALC_FANCY
bool "Fancy IPCALC, more options, adds 1 kbyte"
default BUSYBOX_DEFAULT_FEATURE_IPCALC_FANCY
depends on BUSYBOX_CONFIG_IPCALC
help
Adds the options hostname, prefix and silent to the output of
"ipcalc".
config BUSYBOX_CONFIG_FAKEIDENTD
bool "fakeidentd (8.7 kb)"
default BUSYBOX_DEFAULT_FAKEIDENTD
select BUSYBOX_CONFIG_FEATURE_SYSLOG
help
fakeidentd listens on the ident port and returns a predefined
fake value on any query.
config BUSYBOX_CONFIG_NAMEIF
bool "nameif (6.6 kb)"
default BUSYBOX_DEFAULT_NAMEIF
select BUSYBOX_CONFIG_FEATURE_SYSLOG
help
nameif is used to rename network interface by its MAC address.
Renamed interfaces MUST be in the down state.
It is possible to use a file (default: /etc/mactab)
with list of new interface names and MACs.
Maximum interface name length: IFNAMSIZ = 16
File fields are separated by space or tab.
File format:
# Comment
new_interface_name XX:XX:XX:XX:XX:XX
config BUSYBOX_CONFIG_FEATURE_NAMEIF_EXTENDED
bool "Extended nameif"
default BUSYBOX_DEFAULT_FEATURE_NAMEIF_EXTENDED
depends on BUSYBOX_CONFIG_NAMEIF
help
This extends the nameif syntax to support the bus_info, driver,
phyaddr selectors. The syntax is compatible to the normal nameif.
File format:
new_interface_name driver=asix bus=usb-0000:00:08.2-3
new_interface_name bus=usb-0000:00:08.2-3 00:80:C8:38:91:B5
new_interface_name phy_address=2 00:80:C8:38:91:B5
new_interface_name mac=00:80:C8:38:91:B5
new_interface_name 00:80:C8:38:91:B5
config BUSYBOX_CONFIG_NBDCLIENT
bool "nbd-client (6 kb)"
default BUSYBOX_DEFAULT_NBDCLIENT
help
Network block device client
config BUSYBOX_CONFIG_NC
bool "nc (11 kb)"
default BUSYBOX_DEFAULT_NC
help
A simple Unix utility which reads and writes data across network
connections.
config BUSYBOX_CONFIG_NETCAT
bool "netcat (11 kb)"
default BUSYBOX_DEFAULT_NETCAT
help
Alias to nc.
config BUSYBOX_CONFIG_NC_SERVER
bool "Netcat server options (-l)"
default BUSYBOX_DEFAULT_NC_SERVER
depends on BUSYBOX_CONFIG_NC || BUSYBOX_CONFIG_NETCAT
help
Allow netcat to act as a server.
config BUSYBOX_CONFIG_NC_EXTRA
bool "Netcat extensions (-eiw and -f FILE)"
default BUSYBOX_DEFAULT_NC_EXTRA
depends on BUSYBOX_CONFIG_NC || BUSYBOX_CONFIG_NETCAT
help
Add -e (support for executing the rest of the command line after
making or receiving a successful connection), -i (delay interval for
lines sent), -w (timeout for initial connection).
config BUSYBOX_CONFIG_NC_110_COMPAT
bool "Netcat 1.10 compatibility (+2.5k)"
default BUSYBOX_DEFAULT_NC_110_COMPAT
depends on BUSYBOX_CONFIG_NC || BUSYBOX_CONFIG_NETCAT
help
This option makes nc closely follow original nc-1.10.
The code is about 2.5k bigger. It enables
-s ADDR, -n, -u, -v, -o FILE, -z options, but loses
busybox-specific extensions: -f FILE.
config BUSYBOX_CONFIG_NETMSG
bool "netmsg"
default BUSYBOX_DEFAULT_NETMSG
help
simple program for sending udp broadcast messages
config BUSYBOX_CONFIG_NETSTAT
bool "netstat (10 kb)"
default BUSYBOX_DEFAULT_NETSTAT
help
netstat prints information about the Linux networking subsystem.
config BUSYBOX_CONFIG_FEATURE_NETSTAT_WIDE
bool "Enable wide output"
default BUSYBOX_DEFAULT_FEATURE_NETSTAT_WIDE
depends on BUSYBOX_CONFIG_NETSTAT
help
Add support for wide columns. Useful when displaying IPv6 addresses
(-W option).
config BUSYBOX_CONFIG_FEATURE_NETSTAT_PRG
bool "Enable PID/Program name output"
default BUSYBOX_DEFAULT_FEATURE_NETSTAT_PRG
depends on BUSYBOX_CONFIG_NETSTAT
help
Add support for -p flag to print out PID and program name.
+700 bytes of code.
config BUSYBOX_CONFIG_NSLOOKUP
bool "nslookup (9.7 kb)"
default BUSYBOX_DEFAULT_NSLOOKUP
help
nslookup is a tool to query Internet name servers.
config BUSYBOX_CONFIG_FEATURE_NSLOOKUP_BIG
bool "Use internal resolver code instead of libc"
depends on BUSYBOX_CONFIG_NSLOOKUP
default BUSYBOX_DEFAULT_FEATURE_NSLOOKUP_BIG
config BUSYBOX_CONFIG_FEATURE_NSLOOKUP_LONG_OPTIONS
bool "Enable long options"
default BUSYBOX_DEFAULT_FEATURE_NSLOOKUP_LONG_OPTIONS
depends on BUSYBOX_CONFIG_FEATURE_NSLOOKUP_BIG && BUSYBOX_CONFIG_LONG_OPTS
config BUSYBOX_CONFIG_NTPD
bool "ntpd (22 kb)"
default BUSYBOX_DEFAULT_NTPD
help
The NTP client/server daemon.
config BUSYBOX_CONFIG_FEATURE_NTPD_SERVER
bool "Make ntpd usable as a NTP server"
default BUSYBOX_DEFAULT_FEATURE_NTPD_SERVER
depends on BUSYBOX_CONFIG_NTPD
help
Make ntpd usable as a NTP server. If you disable this option
ntpd will be usable only as a NTP client.
config BUSYBOX_CONFIG_FEATURE_NTPD_CONF
bool "Make ntpd understand /etc/ntp.conf"
default BUSYBOX_DEFAULT_FEATURE_NTPD_CONF
depends on BUSYBOX_CONFIG_NTPD
help
Make ntpd look in /etc/ntp.conf for peers. Only "server address"
is supported.
config BUSYBOX_CONFIG_FEATURE_NTP_AUTH
bool "Support md5/sha1 message authentication codes"
default BUSYBOX_DEFAULT_FEATURE_NTP_AUTH
depends on BUSYBOX_CONFIG_NTPD
config BUSYBOX_CONFIG_PING
bool "ping (10 kb)"
default BUSYBOX_DEFAULT_PING
help
ping uses the ICMP protocol's mandatory ECHO_REQUEST datagram to
elicit an ICMP ECHO_RESPONSE from a host or gateway.
config BUSYBOX_CONFIG_PING6
bool "ping6 (11 kb)"
default BUSYBOX_DEFAULT_PING6
depends on BUSYBOX_CONFIG_FEATURE_IPV6
help
Alias to "ping -6".
config BUSYBOX_CONFIG_FEATURE_FANCY_PING
bool "Enable fancy ping output"
default BUSYBOX_DEFAULT_FEATURE_FANCY_PING
depends on BUSYBOX_CONFIG_PING || BUSYBOX_CONFIG_PING6
help
With this option off, ping will say "HOST is alive!"
or terminate with SIGALRM in 5 seconds otherwise.
No command-line options will be recognized.
config BUSYBOX_CONFIG_PSCAN
bool "pscan (6 kb)"
default BUSYBOX_DEFAULT_PSCAN
help
Simple network port scanner.
config BUSYBOX_CONFIG_ROUTE
bool "route (8.7 kb)"
default BUSYBOX_DEFAULT_ROUTE
help
Route displays or manipulates the kernel's IP routing tables.
config BUSYBOX_CONFIG_SLATTACH
bool "slattach (6.2 kb)"
default BUSYBOX_DEFAULT_SLATTACH
help
slattach configures serial line as SLIP network interface.
config BUSYBOX_CONFIG_SSL_CLIENT
bool "ssl_client (25 kb)"
default BUSYBOX_DEFAULT_SSL_CLIENT
select BUSYBOX_CONFIG_TLS
help
This tool pipes data to/from a socket, TLS-encrypting it.
config BUSYBOX_CONFIG_TC
bool "tc (8.3 kb)"
default BUSYBOX_DEFAULT_TC
help
Show / manipulate traffic control settings
config BUSYBOX_CONFIG_FEATURE_TC_INGRESS
bool "Enable ingress"
default BUSYBOX_DEFAULT_FEATURE_TC_INGRESS
depends on BUSYBOX_CONFIG_TC
config BUSYBOX_CONFIG_TCPSVD
bool "tcpsvd (14 kb)"
default BUSYBOX_DEFAULT_TCPSVD
help
tcpsvd listens on a TCP port and runs a program for each new
connection.
config BUSYBOX_CONFIG_UDPSVD
bool "udpsvd (13 kb)"
default BUSYBOX_DEFAULT_UDPSVD
help
udpsvd listens on an UDP port and runs a program for each new
connection.
config BUSYBOX_CONFIG_TELNET
bool "telnet (8.8 kb)"
default BUSYBOX_DEFAULT_TELNET
help
Telnet is an interface to the TELNET protocol, but is also commonly
used to test other simple protocols.
config BUSYBOX_CONFIG_FEATURE_TELNET_TTYPE
bool "Pass TERM type to remote host"
default BUSYBOX_DEFAULT_FEATURE_TELNET_TTYPE
depends on BUSYBOX_CONFIG_TELNET
help
Setting this option will forward the TERM environment variable to the
remote host you are connecting to. This is useful to make sure that
things like ANSI colors and other control sequences behave.
config BUSYBOX_CONFIG_FEATURE_TELNET_AUTOLOGIN
bool "Pass USER type to remote host"
default BUSYBOX_DEFAULT_FEATURE_TELNET_AUTOLOGIN
depends on BUSYBOX_CONFIG_TELNET
help
Setting this option will forward the USER environment variable to the
remote host you are connecting to. This is useful when you need to
log into a machine without telling the username (autologin). This
option enables '-a' and '-l USER' options.
config BUSYBOX_CONFIG_FEATURE_TELNET_WIDTH
bool "Enable window size autodetection"
default BUSYBOX_DEFAULT_FEATURE_TELNET_WIDTH
depends on BUSYBOX_CONFIG_TELNET
config BUSYBOX_CONFIG_TELNETD
bool "telnetd (12 kb)"
default BUSYBOX_DEFAULT_TELNETD
select BUSYBOX_CONFIG_FEATURE_SYSLOG
help
A daemon for the TELNET protocol, allowing you to log onto the host
running the daemon. Please keep in mind that the TELNET protocol
sends passwords in plain text. If you can't afford the space for an
SSH daemon and you trust your network, you may say 'y' here. As a
more secure alternative, you should seriously consider installing the
very small Dropbear SSH daemon instead:
http://matt.ucc.asn.au/dropbear/dropbear.html
Note that for busybox telnetd to work you need several things:
First of all, your kernel needs:
CONFIG_UNIX98_PTYS=y
Next, you need a /dev/pts directory on your root filesystem:
$ ls -ld /dev/pts
drwxr-xr-x 2 root root 0 Sep 23 13:21 /dev/pts/
Next you need the pseudo terminal master multiplexer /dev/ptmx:
$ ls -la /dev/ptmx
crw-rw-rw- 1 root tty 5, 2 Sep 23 13:55 /dev/ptmx
Any /dev/ttyp[0-9]* files you may have can be removed.
Next, you need to mount the devpts filesystem on /dev/pts using:
mount -t devpts devpts /dev/pts
You need to be sure that busybox has LOGIN and
FEATURE_SUID enabled. And finally, you should make
certain that busybox has been installed setuid root:
chown root.root /bin/busybox
chmod 4755 /bin/busybox
with all that done, telnetd _should_ work....
config BUSYBOX_CONFIG_FEATURE_TELNETD_STANDALONE
bool "Support standalone telnetd (not inetd only)"
default BUSYBOX_DEFAULT_FEATURE_TELNETD_STANDALONE
depends on BUSYBOX_CONFIG_TELNETD
help
Selecting this will make telnetd able to run standalone.
config BUSYBOX_CONFIG_FEATURE_TELNETD_INETD_WAIT
bool "Support -w SEC option (inetd wait mode)"
default BUSYBOX_DEFAULT_FEATURE_TELNETD_INETD_WAIT
depends on BUSYBOX_CONFIG_FEATURE_TELNETD_STANDALONE
help
This option allows you to run telnetd in "inet wait" mode.
Example inetd.conf line (note "wait", not usual "nowait"):
telnet stream tcp wait root /bin/telnetd telnetd -w10
In this example, inetd passes _listening_ socket_ as fd 0
to telnetd when connection appears.
telnetd will wait for connections until all existing
connections are closed, and no new connections
appear during 10 seconds. Then it exits, and inetd continues
to listen for new connections.
This option is rarely used. "tcp nowait" is much more usual
way of running tcp services, including telnetd.
You most probably want to say N here.
config BUSYBOX_CONFIG_TFTP
bool "tftp (11 kb)"
default BUSYBOX_DEFAULT_TFTP
help
Trivial File Transfer Protocol client. TFTP is usually used
for simple, small transfers such as a root image
for a network-enabled bootloader.
config BUSYBOX_CONFIG_FEATURE_TFTP_PROGRESS_BAR
bool "Enable progress bar"
default BUSYBOX_DEFAULT_FEATURE_TFTP_PROGRESS_BAR
depends on BUSYBOX_CONFIG_TFTP
config BUSYBOX_CONFIG_FEATURE_TFTP_HPA_COMPAT
bool "tftp-hpa compat (support -c get/put FILE)"
default BUSYBOX_DEFAULT_FEATURE_TFTP_HPA_COMPAT
depends on BUSYBOX_CONFIG_TFTP
config BUSYBOX_CONFIG_TFTPD
bool "tftpd (10 kb)"
default BUSYBOX_DEFAULT_TFTPD
help
Trivial File Transfer Protocol server.
It expects that stdin is a datagram socket and a packet
is already pending on it. It will exit after one transfer.
In other words: it should be run from inetd in nowait mode,
or from udpsvd. Example: "udpsvd -E 0 69 tftpd DIR"
config BUSYBOX_CONFIG_FEATURE_TFTP_GET
bool "Enable 'tftp get' and/or tftpd upload code"
default BUSYBOX_DEFAULT_FEATURE_TFTP_GET
depends on BUSYBOX_CONFIG_TFTP || BUSYBOX_CONFIG_TFTPD
help
Add support for the GET command within the TFTP client. This allows
a client to retrieve a file from a TFTP server.
Also enable upload support in tftpd, if tftpd is selected.
Note: this option does _not_ make tftpd capable of download
(the usual operation people need from it)!
config BUSYBOX_CONFIG_FEATURE_TFTP_PUT
bool "Enable 'tftp put' and/or tftpd download code"
default BUSYBOX_DEFAULT_FEATURE_TFTP_PUT
depends on BUSYBOX_CONFIG_TFTP || BUSYBOX_CONFIG_TFTPD
help
Add support for the PUT command within the TFTP client. This allows
a client to transfer a file to a TFTP server.
Also enable download support in tftpd, if tftpd is selected.
config BUSYBOX_CONFIG_FEATURE_TFTP_BLOCKSIZE
bool "Enable 'blksize' and 'tsize' protocol options"
default BUSYBOX_DEFAULT_FEATURE_TFTP_BLOCKSIZE
depends on BUSYBOX_CONFIG_TFTP || BUSYBOX_CONFIG_TFTPD
help
Allow tftp to specify block size, and tftpd to understand
"blksize" and "tsize" options.
config BUSYBOX_CONFIG_TFTP_DEBUG
bool "Enable debug"
default BUSYBOX_DEFAULT_TFTP_DEBUG
depends on BUSYBOX_CONFIG_TFTP || BUSYBOX_CONFIG_TFTPD
help
Make tftp[d] print debugging messages on stderr.
This is useful if you are diagnosing a bug in tftp[d].
config BUSYBOX_CONFIG_TLS
bool #No description makes it a hidden option
default BUSYBOX_DEFAULT_TLS
config BUSYBOX_CONFIG_TRACEROUTE
bool "traceroute (11 kb)"
default BUSYBOX_DEFAULT_TRACEROUTE
help
Utility to trace the route of IP packets.
config BUSYBOX_CONFIG_TRACEROUTE6
bool "traceroute6 (13 kb)"
default BUSYBOX_DEFAULT_TRACEROUTE6
depends on BUSYBOX_CONFIG_FEATURE_IPV6
help
Utility to trace the route of IPv6 packets.
config BUSYBOX_CONFIG_FEATURE_TRACEROUTE_VERBOSE
bool "Enable verbose output"
default BUSYBOX_DEFAULT_FEATURE_TRACEROUTE_VERBOSE
depends on BUSYBOX_CONFIG_TRACEROUTE || BUSYBOX_CONFIG_TRACEROUTE6
help
Add some verbosity to traceroute. This includes among other things
hostnames and ICMP response types.
config BUSYBOX_CONFIG_FEATURE_TRACEROUTE_USE_ICMP
bool "Enable -I option (use ICMP instead of UDP)"
default BUSYBOX_DEFAULT_FEATURE_TRACEROUTE_USE_ICMP
depends on BUSYBOX_CONFIG_TRACEROUTE || BUSYBOX_CONFIG_TRACEROUTE6
config BUSYBOX_CONFIG_TUNCTL
bool "tunctl (6.2 kb)"
default BUSYBOX_DEFAULT_TUNCTL
help
tunctl creates or deletes tun devices.
config BUSYBOX_CONFIG_FEATURE_TUNCTL_UG
bool "Support owner:group assignment"
default BUSYBOX_DEFAULT_FEATURE_TUNCTL_UG
depends on BUSYBOX_CONFIG_TUNCTL
help
Allow to specify owner and group of newly created interface.
340 bytes of pure bloat. Say no here.
config BUSYBOX_CONFIG_VCONFIG
bool "vconfig (2.3 kb)"
default BUSYBOX_DEFAULT_VCONFIG
help
Creates, removes, and configures VLAN interfaces
config BUSYBOX_CONFIG_WGET
bool "wget (38 kb)"
default BUSYBOX_DEFAULT_WGET
help
wget is a utility for non-interactive download of files from HTTP
and FTP servers.
config BUSYBOX_CONFIG_FEATURE_WGET_LONG_OPTIONS
bool "Enable long options"
default BUSYBOX_DEFAULT_FEATURE_WGET_LONG_OPTIONS
depends on BUSYBOX_CONFIG_WGET && BUSYBOX_CONFIG_LONG_OPTS
config BUSYBOX_CONFIG_FEATURE_WGET_STATUSBAR
bool "Enable progress bar (+2k)"
default BUSYBOX_DEFAULT_FEATURE_WGET_STATUSBAR
depends on BUSYBOX_CONFIG_WGET
config BUSYBOX_CONFIG_FEATURE_WGET_AUTHENTICATION
bool "Enable HTTP authentication"
default BUSYBOX_DEFAULT_FEATURE_WGET_AUTHENTICATION
depends on BUSYBOX_CONFIG_WGET
help
Support authenticated HTTP transfers.
config BUSYBOX_CONFIG_FEATURE_WGET_TIMEOUT
bool "Enable timeout option -T SEC"
default BUSYBOX_DEFAULT_FEATURE_WGET_TIMEOUT
depends on BUSYBOX_CONFIG_WGET
help
Supports network read and connect timeouts for wget,
so that wget will give up and timeout, through the -T
command line option.
Currently only connect and network data read timeout are
supported (i.e., timeout is not applied to the DNS query). When
FEATURE_WGET_LONG_OPTIONS is also enabled, the --timeout option
will work in addition to -T.
config BUSYBOX_CONFIG_FEATURE_WGET_HTTPS
bool "Support HTTPS using internal TLS code"
default BUSYBOX_DEFAULT_FEATURE_WGET_HTTPS
depends on BUSYBOX_CONFIG_WGET
select BUSYBOX_CONFIG_TLS
help
wget will use internal TLS code to connect to https:// URLs.
Note:
On NOMMU machines, ssl_helper applet should be available
in the $PATH for this to work. Make sure to select that applet.
Note: currently, TLS code only makes TLS I/O work, it
does *not* check that the peer is who it claims to be, etc.
IOW: it uses peer-supplied public keys to establish encryption
and signing keys, then encrypts and signs outgoing data and
decrypts incoming data.
It does not check signature hashes on the incoming data:
this means that attackers manipulating TCP packets can
send altered data and we unknowingly receive garbage.
(This check might be relatively easy to add).
It does not check public key's certificate:
this means that the peer may be an attacker impersonating
the server we think we are talking to.
If you think this is unacceptable, consider this. As more and more
servers switch to HTTPS-only operation, without such "crippled"
TLS code it is *impossible* to simply download a kernel source
from kernel.org. Which can in real world translate into
"my small automatic tooling to build cross-compilers from sources
no longer works, I need to additionally keep a local copy
of ~4 megabyte source tarball of a SSL library and ~2 megabyte
source of wget, need to compile and built both before I can
download anything. All this despite the fact that the build
is done in a QEMU sandbox on a machine with absolutely nothing
worth stealing, so I don't care if someone would go to a lot
of trouble to intercept my HTTPS download to send me an altered
kernel tarball".
If you still think this is unacceptable, send patches.
If you still think this is unacceptable, do not want to send
patches, but do want to waste bandwidth expaining how wrong
it is, you will be ignored.
busybox: update to 1.33 Remove stime backport. Remove static libgcc patch as upstream fixed it with BUSYBOX_DEFAULT_STATIC_LIBGCC which defauls to off. Remove date -k patch as it no longer applies. It's also pointless as busybox' hwclock utility can do the same thing. Remove ntpd patch as that seems to have been applied upstream. Add smalll patch fixing compilation with SELinux. Upstream commit 2496616b0a8d1c80cd1416b73a4847b59b9f969a renamed the variable without renaming it in the SELinux path. Refresh config and patches. Config refresh: Refresh commands, run after busybox is first built once: cd package/utils/busybox/config/ ../convert_menuconfig.pl ../../../../build_dir/target-mips_24kc_musl/busybox-default/busybox-1.33.0 cd .. ./convert_defaults.pl < ../../../build_dir/target-mips_24kc_musl/busybox-default/busybox-1.33.0/.config > Config-defaults.in Manual edits needed afterward: * Config-defaults.in: OpenWrt config symbol IPV6 logic applied to BUSYBOX_DEFAULT_FEATURE_IPV6 * Config-defaults.in: OpenWrt configTARGET_bcm53xx logic applied to BUSYBOX_DEFAULT_TRUNCATE (commit 547f1ec) * editors/Config.in: Add USE_GLIBC dependency to BUSYBOX_CONFIG_FEATURE_VI_REGEX_SEARCH (commit f141090) * shell/Config.in : change at "Options common to all shells" the symbol SHELL_ASH --> BUSYBOX_CONFIG_SHELL_ASH (discussion in http://lists.openwrt.org/pipermail/openwrt-devel/2021-January/033140.html Apparently our script does not see the hidden option while prepending config options with "BUSYBOX_CONFIG_" which leads to a missed dependency when the options are later evaluated.) * Edit Config.in files by adding quotes to sourced items in config/Config.in, networking/Config.in and util-linux/Config.in (commit 1da014f) Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> [Added comments from Hannu Nyman to commit message] Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-02-01 00:15:53 +00:00
FEATURE_WGET_OPENSSL does implement TLS verification
using the certificates available to OpenSSL.
config BUSYBOX_CONFIG_FEATURE_WGET_OPENSSL
bool "Try to connect to HTTPS using openssl"
default BUSYBOX_DEFAULT_FEATURE_WGET_OPENSSL
depends on BUSYBOX_CONFIG_WGET
help
Try to use openssl to handle HTTPS.
OpenSSL has a simple SSL client for debug purposes.
If you select this option, wget will effectively run:
"openssl s_client -quiet -connect hostname:443
-servername hostname 2>/dev/null" and pipe its data
through it. -servername is not used if hostname is numeric.
Note inconvenient API: host resolution is done twice,
and there is no guarantee openssl's idea of IPv6 address
format is the same as ours.
Another problem is that s_client prints debug information
to stderr, and it needs to be suppressed. This means
all error messages get suppressed too.
openssl is also a big binary, often dynamically linked
against ~15 libraries.
If openssl can't be executed, internal TLS code will be used
(if you enabled it); if openssl can be executed but fails later,
wget can't detect this, and download will fail.
busybox: update to 1.33 Remove stime backport. Remove static libgcc patch as upstream fixed it with BUSYBOX_DEFAULT_STATIC_LIBGCC which defauls to off. Remove date -k patch as it no longer applies. It's also pointless as busybox' hwclock utility can do the same thing. Remove ntpd patch as that seems to have been applied upstream. Add smalll patch fixing compilation with SELinux. Upstream commit 2496616b0a8d1c80cd1416b73a4847b59b9f969a renamed the variable without renaming it in the SELinux path. Refresh config and patches. Config refresh: Refresh commands, run after busybox is first built once: cd package/utils/busybox/config/ ../convert_menuconfig.pl ../../../../build_dir/target-mips_24kc_musl/busybox-default/busybox-1.33.0 cd .. ./convert_defaults.pl < ../../../build_dir/target-mips_24kc_musl/busybox-default/busybox-1.33.0/.config > Config-defaults.in Manual edits needed afterward: * Config-defaults.in: OpenWrt config symbol IPV6 logic applied to BUSYBOX_DEFAULT_FEATURE_IPV6 * Config-defaults.in: OpenWrt configTARGET_bcm53xx logic applied to BUSYBOX_DEFAULT_TRUNCATE (commit 547f1ec) * editors/Config.in: Add USE_GLIBC dependency to BUSYBOX_CONFIG_FEATURE_VI_REGEX_SEARCH (commit f141090) * shell/Config.in : change at "Options common to all shells" the symbol SHELL_ASH --> BUSYBOX_CONFIG_SHELL_ASH (discussion in http://lists.openwrt.org/pipermail/openwrt-devel/2021-January/033140.html Apparently our script does not see the hidden option while prepending config options with "BUSYBOX_CONFIG_" which leads to a missed dependency when the options are later evaluated.) * Edit Config.in files by adding quotes to sourced items in config/Config.in, networking/Config.in and util-linux/Config.in (commit 1da014f) Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> [Added comments from Hannu Nyman to commit message] Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-02-01 00:15:53 +00:00
By default TLS verification is performed, unless
--no-check-certificate option is passed.
config BUSYBOX_CONFIG_WHOIS
bool "whois (6.3 kb)"
default BUSYBOX_DEFAULT_WHOIS
help
whois is a client for the whois directory service
config BUSYBOX_CONFIG_ZCIP
bool "zcip (8.4 kb)"
default BUSYBOX_DEFAULT_ZCIP
select BUSYBOX_CONFIG_FEATURE_SYSLOG
help
ZCIP provides ZeroConf IPv4 address selection, according to RFC 3927.
It's a daemon that allocates and defends a dynamically assigned
address on the 169.254/16 network, requiring no system administrator.
See http://www.zeroconf.org for further details, and "zcip.script"
in the busybox examples.
source "udhcp/Config.in"
config BUSYBOX_CONFIG_IFUPDOWN_UDHCPC_CMD_OPTIONS
string "ifup udhcpc command line options"
default BUSYBOX_DEFAULT_IFUPDOWN_UDHCPC_CMD_OPTIONS
depends on BUSYBOX_CONFIG_IFUP || BUSYBOX_CONFIG_IFDOWN
help
Command line options to pass to udhcpc from ifup.
Intended to alter options not available in /etc/network/interfaces.
(IE: --syslog --background etc...)
endmenu