IPsec: Close on-demand tunnels after 15 min of inactivity

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi
index b6469c03c21af879524e99c25def5f0eca28ebd8..972c07c13d5e5851806c6c3658f2c721467f9208 100644 (file)
--- a/html/cgi-bin/vpnmain.cgi
+++ b/html/cgi-bin/vpnmain.cgi
@@ -413,6 +413,12 @@ sub writeipsecfiles {
                        print CONF "\trightsourceip=$lvpnsettings{'RW_NET'}\n";
                } else {
                        print CONF "\tauto=$start_action\n";
+
+                       # If in on-demand mode, we terminate the tunnel
+                       # after 15 min of no traffic
+                       if ($start_action eq 'route') {
+                               print CONF "\tinactivity=900\n";
+                       }
                }
 
                # Fragmentation