feat(ipsec): convert DPD to combobox

src/components/standalone/ipsec_tunnel/CreateOrEditTunnelDrawer.vue

@@ -59,7 +59,7 @@ type CreateEditIpsecTunnelPayload = {
   }
   ipcomp: string
   closeaction?: string
-  dpdaction: 'restart' | 'none'
+  dpdaction: TunnelDpdAction
   remote_subnet: string[]
   local_subnet: string[]
   ns_name: string
@@ -72,6 +72,9 @@ type CreateEditIpsecTunnelPayload = {
   pre_shared_key: string
 }
 
+type DpdAction = 'clear' | 'trap' | 'restart'
+type TunnelDpdAction = DpdAction | 'none'
+
 const { t } = useI18n()
 
 const emit = defineEmits(['close', 'add-edit-tunnel'])
@@ -104,7 +107,7 @@ const remoteIdentifier = ref('')
 // Step 2 fields
 const presharedKeyMode = ref<'generate' | 'import'>('generate')
 const presharedKey = ref('')
-const dpd = ref(false)
+const dpdAction = ref<DpdAction>('clear')
 const enableCompression = ref(false)
 const closeAction = ref('none')
 
@@ -152,6 +155,11 @@ const closeActionOptions: NeComboboxOption[] = [
   { id: 'trap', label: 'trap' },
   { id: 'start', label: 'start' }
 ]
+const dpdActionOptions: NeComboboxOption[] = [
+  { id: 'clear', label: 'clear' },
+  { id: 'trap', label: 'trap' },
+  { id: 'restart', label: 'restart' }
+]
 const encryptionOptions = ref<NeComboboxOption[]>([])
 const integrityOptions = ref<NeComboboxOption[]>([])
 const diffieHellmanOptions = ref<NeComboboxOption[]>([])
@@ -253,7 +261,7 @@ async function resetForm() {
   wanIpAddress.value = tunnelData?.local_ip ?? ''
   remoteIpAddress.value = tunnelData?.gateway ?? ''
   remoteNetworks.value = tunnelData?.remote_subnet ?? ['']
-  dpd.value = tunnelData ? tunnelData.dpdaction == 'restart' : false
+  dpdAction.value = normalizeDpdAction(tunnelData?.dpdaction)
   enableCompression.value = tunnelData ? tunnelData.ipcomp === 'true' : false
   closeAction.value = tunnelData?.closeaction ?? 'none'
   ikeVersion.value = tunnelData?.keyexchange ?? ikeVersionOptions[0].id
@@ -403,6 +411,18 @@ function handlePreviousStep() {
   }
 }
 
+function normalizeDpdAction(action?: string | null): DpdAction {
+  switch (action) {
+    case 'trap':
+    case 'restart':
+    case 'clear':
+      return action
+    case 'none':
+    default:
+      return 'clear'
+  }
+}
+
 async function createOrEditTunnel() {
   error.value.notificationTitle = ''
   error.value.notificationDescription = ''
@@ -425,7 +445,7 @@ async function createOrEditTunnel() {
     ipcomp: enableCompression.value ? 'true' : 'false',
     closeaction: closeAction.value,
     enabled: enabled.value ? '1' : '0',
-    dpdaction: dpd.value ? 'restart' : 'none',
+    dpdaction: dpdAction.value,
     keyexchange: ikeVersion.value,
     remote_subnet: remoteNetworks.value.filter((x) => x != ''),
     local_subnet: localNetworks.value
@@ -621,17 +641,25 @@ watch(
         </NeTextInput>
         <NeCopyField v-else :value="generatedPresharedKey" />
 
-        <div>
-          <NeFormItemLabel>{{
-            t('standalone.ipsec_tunnel.dpd_dead_peer_detection')
-          }}</NeFormItemLabel>
-          <NeToggle
-            v-model="dpd"
-            :label="
-              dpd ? t('standalone.ipsec_tunnel.enabled') : t('standalone.ipsec_tunnel.disabled')
-            "
-          />
-        </div>
+        <NeCombobox
+          v-model="dpdAction"
+          :label="t('standalone.ipsec_tunnel.dpd_dead_peer_detection')"
+          :options="dpdActionOptions"
+          :no-options-label="t('ne_combobox.no_options_label')"
+          :no-results-label="t('ne_combobox.no_results')"
+          :limited-options-label="t('ne_combobox.limited_options_label')"
+          :selected-label="t('ne_combobox.selected')"
+          :user-input-label="t('ne_combobox.user_input_label')"
+          :optional-label="t('common.optional')"
+        >
+          <template #tooltip>
+            <NeTooltip>
+              <template #content>
+                {{ t('standalone.ipsec_tunnel.dpd_dead_peer_detection_tooltip') }}
+              </template>
+            </NeTooltip>
+          </template>
+        </NeCombobox>
         <div>
           <NeFormItemLabel>{{ t('standalone.ipsec_tunnel.compression') }}</NeFormItemLabel>
           <NeToggle

src/i18n/en.json

@@ -2186,7 +2186,8 @@
       "pre_shared_key_invalid_chars_tooltip": "The characters '\\{' and '\\}' are not allowed in the pre-shared key",
       "use_generated_key": "Use generated key",
       "use_custom_key": "Use custom key",
-      "dpd_dead_peer_detection": "DPD (dead peer detection)",
+      "dpd_dead_peer_detection": "DPD action",
+      "dpd_dead_peer_detection_tooltip": "Action to perform for this CHILD_SA on DPD (Dead Peer Detection) timeout. The default action is 'clear' which closes the CHILD_SA and does not take further action. 'trap' installs a trap policy, which catches matching traffic and tries to re-negotiate the tunnel on-demand. 'restart' immediately tries to re-negotiate the CHILD_SA under a fresh IKE_SA.",
       "pfs_perfect_forward_secrecy_disabled": "PFS (Perfect Forward Secrecy) disabled",
       "compression": "Compression",
       "close_action": "Close action",

src/i18n/it.json

@@ -1559,7 +1559,8 @@
       "no_tunnel_found": "Nessun tunnel trovato",
       "connected": "Connesso",
       "use_generated_key": "Utilizza la chiave generata",
-      "dpd_dead_peer_detection": "DPD (dead peer detection)",
+      "dpd_dead_peer_detection": "DPD action",
+      "dpd_dead_peer_detection_tooltip": "Azione da eseguire per questo CHILD_SA al timeout DPD (Dead Peer Detection). Il valore predefinito 'clear' chiude il CHILD_SA e non esegue altre azioni. 'trap' installa una trap policy, che intercetta il traffico corrispondente e prova a rinegoziare il tunnel on-demand. 'restart' prova immediatamente a rinegoziare il CHILD_SA con un nuovo IKE_SA.",
       "choose_wan": "Scegli WAN",
       "wan_ip_address": "Indirizzo IP WAN",
       "enable": "Abilita",