add optional per-connection dpd/close actions
Change-Id: If6cbf17997e42cfe7b64dd07f6bf8e790325aa35
diff --git a/templates/ipsec.conf.j2 b/templates/ipsec.conf.j2
index 0bf4a67..5068a20 100644
--- a/templates/ipsec.conf.j2
+++ b/templates/ipsec.conf.j2
@@ -29,6 +29,7 @@
conn {{ conn.name }}
{% if conn.vti is defined %}
leftupdown="/etc/ipsec.d/ipsec-vti.sh {{ conn.name }} {{ conn.vti.remote }} {{ conn.vti.local }}"
+ mark=%unique
{% endif %}
left={{ conn.left }}
leftid={{ conn.leftid }}
@@ -37,7 +38,10 @@
right={{ conn.right }}
rightsubnet={{ conn.right_subnets }}
rightauth={{ strongswan_conf_auth_type }}
-{% if conn.vti is defined %}
- mark=%unique
+{% if conn.dpdaction is defined %}
+ dpdaction={{ conf.dpdaction }}
+{% endif %}
+{% if conn.closeaction is defined %}
+ closeaction={{ conf.closeaction }}
{% endif %}
{% endfor %}