From: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu, 3 Aug 2017 15:47:51 +0000 (+0000)
Subject: ipsec: Support Dead Peer Detection
X-Git-Tag: 009~75
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=117278c33a4560d25edc08a9d4bb0738285746f9;p=network.git

ipsec: Support Dead Peer Detection

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/src/functions/functions.ipsec b/src/functions/functions.ipsec
index db9e5f0d..1c05f571 100644
--- a/src/functions/functions.ipsec
+++ b/src/functions/functions.ipsec
@@ -810,7 +810,19 @@ _ipsec_connection_to_strongswan_connection() {
 	print_indent 2 "proposals = $(vpn_security_policies_make_ah_proposal ${SECURITY_POLICY})"
 	print
 
-	# XXX DPD Settings
+	# DPD Settings
+	if isset DPD_DELAY && isinteger DPD_DELAY && [ ${DPD_DELAY} -gt 0 ]; then
+		print_indent 2 "# Dead Peer Detection"
+
+		print_indent 2 "dpd_action = ${DPD_ACTION}"
+		print_indent 2 "dpd_delay = ${DPD_DELAY}"
+
+		if isset DPD_TIMEOUT; then
+			print_indent 2 "dpd_timeout = ${DPD_TIMEOUT}"
+		fi
+
+		print
+	fi
 
 	# Fragmentation
 	print_indent 2 "# Fragmentation"