config FREETZ_PACKAGE_OPENVPN bool "OpenVPN 2.4.6" select FREETZ_BUSYBOX_BRCTL if ! FREETZ_PACKAGE_BRIDGE_UTILS select FREETZ_MODULE_tun if ! FREETZ_AVM_HAS_TUN_BUILTIN select FREETZ_PACKAGE_OPENVPN_CGI if ! FREETZ_PACKAGE_OPENVPN_USE_V2_CGI || ! FREETZ_SHOW_ADVANCED default n help VPN Server choice depends on FREETZ_PACKAGE_OPENVPN prompt "SSL library" default FREETZ_PACKAGE_OPENVPN_OPENSSL config FREETZ_PACKAGE_OPENVPN_OPENSSL bool "OpenSSL" select FREETZ_OPENSSL_VERSION_PROMPT if FREETZ_PACKAGE_OPENVPN_STATIC select FREETZ_LIB_libcrypto if ! FREETZ_PACKAGE_OPENVPN_STATIC select FREETZ_LIB_libssl if ! FREETZ_PACKAGE_OPENVPN_STATIC config FREETZ_PACKAGE_OPENVPN_MBEDTLS bool "mbed TLS" select FREETZ_LIB_libmbedcrypto if ! FREETZ_PACKAGE_OPENVPN_STATIC select FREETZ_LIB_libmbedtls if ! FREETZ_PACKAGE_OPENVPN_STATIC select FREETZ_LIB_libmbedx509 if ! FREETZ_PACKAGE_OPENVPN_STATIC help Leads to smaller binaries, but lacks support for some openssl features. endchoice config FREETZ_PACKAGE_OPENVPN_FORCE_BLOWFISH bool "Include cipher blowfish in mbedTLS" depends on FREETZ_PACKAGE_OPENVPN && FREETZ_PACKAGE_OPENVPN_MBEDTLS select FREETZ_LIB_libmbedcrypto_WITH_BLOWFISH if FREETZ_PACKAGE_OPENVPN_MBEDTLS default n help Compile mbedTLS with support for OpenVPN default cipher "blowfish" (BF-CBC). Library/Binary size will increase approx. 7k (uncompressed). config FREETZ_PACKAGE_OPENVPN_WITH_BLOWFISH bool depends on FREETZ_PACKAGE_OPENVPN_OPENSSL \ || (FREETZ_PACKAGE_OPENVPN_MBEDTLS && FREETZ_LIB_libmbedcrypto_WITH_BLOWFISH) default y config FREETZ_PACKAGE_OPENVPN_STATIC bool "Create statically linked binary" depends on FREETZ_PACKAGE_OPENVPN default n help Causes all libraries OpenVPN depends on to be linked in statically. config FREETZ_PACKAGE_OPENVPN_WITH_LZO bool "With LZO compression" depends on FREETZ_PACKAGE_OPENVPN select FREETZ_LIB_liblzo2 if ! FREETZ_PACKAGE_OPENVPN_STATIC default y help LZO compression for VPN traffic config FREETZ_PACKAGE_OPENVPN_WITH_LZ4 bool "With LZ4 compression" depends on FREETZ_PACKAGE_OPENVPN select FREETZ_LIB_liblz4 if ! FREETZ_PACKAGE_OPENVPN_STATIC default n help LZ4 compression for VPN traffic config FREETZ_PACKAGE_OPENVPN_WITH_TRAFFIC_OBFUSCATION bool "With traffic obfuscation" depends on FREETZ_PACKAGE_OPENVPN default n help Adds support for an additional configuration option 'scramble' with the following possible values: * "xormask" xormask * "xorptrpos" * "reverse" * "obfuscate" xormask WARNING: 'scramble'-option and SSLH are NOT compatible. SSLH is not able to recognize OpenVPN traffic if 'scramble'-option is enabled in OpenVPN config. Don't enable it if you plan to use SSLH to demultiplex OpenVPN protocol. comment "Warning: OpenVPN traffic obfuscation and SSLH are not compatible" depends on FREETZ_PACKAGE_OPENVPN_WITH_TRAFFIC_OBFUSCATION && FREETZ_PACKAGE_SSLH config FREETZ_PACKAGE_OPENVPN_WITH_MGMNT bool "Enable Management Console" depends on FREETZ_PACKAGE_OPENVPN default n help Enables OpenVPN's Management Console for administrative Tasks. This feature is not configurable via Web-UI. config FREETZ_PACKAGE_OPENVPN_ENABLE_SMALL bool "Optimize for size" depends on FREETZ_PACKAGE_OPENVPN default y help Enables binary optimiziation for size. Must be disabled to use the config option "explicit-exit-notify". config FREETZ_PACKAGE_OPENVPN_USE_IPROUTE bool "Use 'ip' instead of 'ifconfig' and 'route'" depends on FREETZ_PACKAGE_OPENVPN select FREETZ_BUSYBOX_IP default n help Enables openvpn to use ip when setting IPs, link parameters and routes. This selects busybox's 'IP' applet. config FREETZ_PACKAGE_OPENVPN_USE_V2_CGI bool "Use new (simple) GUI - EXPERIMENTAL" depends on FREETZ_PACKAGE_OPENVPN && FREETZ_SHOW_ADVANCED select FREETZ_PACKAGE_OPENVPN_V2_CGI default n help CAUTION: This option will delete configurations made with "old" GUI! New quite simple OpenVPN configuration interface. It will not generate a configuration file based on GUI settings but just ask for an existing configuration.