From 117278c33a4560d25edc08a9d4bb0738285746f9 Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu, 3 Aug 2017 15:47:51 +0000
Subject: [PATCH] ipsec: Support Dead Peer Detection

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 src/functions/functions.ipsec | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/src/functions/functions.ipsec b/src/functions/functions.ipsec
index db9e5f0d..1c05f571 100644
--- a/src/functions/functions.ipsec
+++ b/src/functions/functions.ipsec
@@ -810,7 +810,19 @@ _ipsec_connection_to_strongswan_connection() {
 	print_indent 2 "proposals = $(vpn_security_policies_make_ah_proposal ${SECURITY_POLICY})"
 	print
 
-	# XXX DPD Settings
+	# DPD Settings
+	if isset DPD_DELAY && isinteger DPD_DELAY && [ ${DPD_DELAY} -gt 0 ]; then
+		print_indent 2 "# Dead Peer Detection"
+
+		print_indent 2 "dpd_action = ${DPD_ACTION}"
+		print_indent 2 "dpd_delay = ${DPD_DELAY}"
+
+		if isset DPD_TIMEOUT; then
+			print_indent 2 "dpd_timeout = ${DPD_TIMEOUT}"
+		fi
+
+		print
+	fi
 
 	# Fragmentation
 	print_indent 2 "# Fragmentation"
-- 
2.39.2