summaryrefslogtreecommitdiff
path: root/data/templates/ipsec/swanctl
diff options
context:
space:
mode:
authoraapostoliuk <a.apostoliuk@vyos.io>2024-01-17 17:46:38 +0200
committerMergify <37929162+mergify[bot]@users.noreply.github.com>2024-01-17 17:38:11 +0000
commite6713a7e861dbe3ec8af1761f1c0a3d1ad725cac (patch)
tree879826a9e22c8228827a8ab1dcee55cd9c5cf240 /data/templates/ipsec/swanctl
parent31d3d7263ee3082bb7f7dd722086e2ce5c892a03 (diff)
downloadvyos-1x-e6713a7e861dbe3ec8af1761f1c0a3d1ad725cac.tar.gz
vyos-1x-e6713a7e861dbe3ec8af1761f1c0a3d1ad725cac.zip
T5953: Changed values of 'close-action' to Strongswan values
Changed the value from 'hold' to 'trap' in the 'close-action' option in the IKE group. Changed the value from 'restart' to 'start' in the 'close-action' option in the IKE group. (cherry picked from commit 8870fabf1b4358618fca7db459515106653214b5)
Diffstat (limited to 'data/templates/ipsec/swanctl')
-rw-r--r--data/templates/ipsec/swanctl/peer.j24
1 files changed, 2 insertions, 2 deletions
diff --git a/data/templates/ipsec/swanctl/peer.j2 b/data/templates/ipsec/swanctl/peer.j2
index 86a44a0ff..c5841fb91 100644
--- a/data/templates/ipsec/swanctl/peer.j2
+++ b/data/templates/ipsec/swanctl/peer.j2
@@ -85,7 +85,7 @@
{% if ike.dead_peer_detection is vyos_defined %}
dpd_action = {{ ike.dead_peer_detection.action }}
{% endif %}
- close_action = {{ {'none': 'none', 'hold': 'trap', 'restart': 'start'}[ike.close_action] }}
+ close_action = {{ ike.close_action }}
}
{% elif peer_conf.tunnel is vyos_defined %}
{% for tunnel_id, tunnel_conf in peer_conf.tunnel.items() if tunnel_conf.disable is not defined %}
@@ -135,7 +135,7 @@
{% if ike.dead_peer_detection is vyos_defined %}
dpd_action = {{ ike.dead_peer_detection.action }}
{% endif %}
- close_action = {{ {'none': 'none', 'hold': 'trap', 'restart': 'start'}[ike.close_action] }}
+ close_action = {{ ike.close_action }}
{% if peer_conf.vti.bind is vyos_defined %}
{# The key defaults to 0 and will match any policies which similarly do not have a lookup key configuration. #}
{# Thus we simply shift the key by one to also support a vti0 interface #}