diff -u vpnc-0.4.0/debian/patches/00list vpnc-0.4.0/debian/patches/00list --- vpnc-0.4.0/debian/patches/00list +++ vpnc-0.4.0/debian/patches/00list @@ -6,0 +7 @@ +09_dpd_timer_disable diff -u vpnc-0.4.0/debian/changelog vpnc-0.4.0/debian/changelog --- vpnc-0.4.0/debian/changelog +++ vpnc-0.4.0/debian/changelog @@ -1,3 +1,12 @@ +vpnc (0.4.0-2ubuntu1.1) feisty-proposed; urgency=low + + * Apply r170 from SVN trunk to help resolve immediate + disconnections due to dead peer detection (dpd), + LP: #93413. Adds the --dpd-idle command line option + which can be set to 0 to disable dead peer detection. + + -- James Tait Fri, 11 May 2007 21:34:52 +0100 + vpnc (0.4.0-2ubuntu1) feisty; urgency=low * Merge from debian unstable, remaining changes: only in patch2: unchanged: --- vpnc-0.4.0.orig/debian/patches/09_dpd_timer_disable.dpatch +++ vpnc-0.4.0/debian/patches/09_dpd_timer_disable.dpatch 
@@ -0,0 +1,201 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 09_dpd_timer_disable.dpatch by James Tait +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ +diff -urNad vpnc-0.4.0~/config.c vpnc-0.4.0/config.c +--- vpnc-0.4.0~/config.c 2007-05-11 21:59:22.000000000 +0100 ++++ vpnc-0.4.0/config.c 2007-05-11 22:02:41.000000000 +0100 +@@ -244,6 +244,11 @@ + return "10000"; + } + ++static const char *config_def_dpd_idle(void) ++{ ++ return "0"; ++} ++ + static const char *config_def_app_version(void) + { + struct utsname uts; +@@ -282,7 +287,7 @@ + static const struct config_names_s { + enum config_enum nm; + const int needsArgument; +- const int lvl; ++ const int long_only; + const char *option; + const char *name; + const char *type; +@@ -486,12 +491,20 @@ + "--udp-port", + "Cisco UDP Encapsulation Port ", + "<0-65535>", +- "local UDP port number to use (0 == use random port)\n" ++ "Local UDP port number to use (0 == use random port)\n" + "This is only relevant if cisco-udp nat-traversal is used.\n" + "This is the _local_ port, the remote udp port is discovered automatically.\n" + "It is especially not the cisco-tcp port\n", + config_def_udp_port + }, { ++ CONFIG_DPD_IDLE, 1, 1, ++ "--dpd-idle", ++ "DPD idle timeout (our side) ", ++ "<0,10-86400>", ++ "Send DPD packet after not receiving anything for seconds.\n" ++ "Use 0 to disable DPD completely (both ways).\n", ++ config_def_dpd_idle ++ }, { + CONFIG_NON_INTERACTIVE, 0, 1, + "--non-inter", + "Noninteractive", +@@ -612,7 +625,7 @@ + printf("%s%s\n", pre, p); + } + +-static void print_usage(char *argv0, int long_help) ++static void print_usage(char *argv0, int print_level) + { + int c; + +@@ -620,7 +633,7 @@ + argv0); + printf("Legend:\n"); + for (c = 0; config_names[c].name != NULL; c++) { +- if (config_names[c].lvl > long_help) ++ if (config_names[c].long_only > print_level) + continue; + + printf(" %s %s\n" +@@ -639,7 +652,7 @@ + printf("\n"); + } + +- if 
(!long_help) ++ if (!print_level) + printf("Use --long-help to see all options\n\n"); + + printf("Report bugs to vpnc@unix-ag.uni-kl.de\n"); +diff -urNad vpnc-0.4.0~/config.h vpnc-0.4.0/config.h +--- vpnc-0.4.0~/config.h 2007-05-11 21:59:22.000000000 +0100 ++++ vpnc-0.4.0/config.h 2007-05-11 21:59:22.000000000 +0100 +@@ -54,6 +54,7 @@ + CONFIG_VENDOR, + CONFIG_NATT_MODE, + CONFIG_UDP_ENCAP_PORT, ++ CONFIG_DPD_IDLE, + + + +diff -urNad vpnc-0.4.0~/tunip.c vpnc-0.4.0/tunip.c +--- vpnc-0.4.0~/tunip.c 2007-05-11 21:59:22.000000000 +0100 ++++ vpnc-0.4.0/tunip.c 2007-05-11 21:59:22.000000000 +0100 +@@ -838,9 +838,9 @@ + + if (s->ike.do_dpd) { + /* send initial dpd request */ +- next_ike_dpd = time(NULL) + 300; ++ next_ike_dpd = time(NULL) + s->ike.dpd_idle; + dpd_ike(s); +- normal_timeout.tv_sec = 300; ++ normal_timeout.tv_sec = s->ike.dpd_idle; + normal_timeout.tv_usec = 0; + } + +@@ -884,11 +884,11 @@ + select_timeout.tv_sec = 5; + select_timeout.tv_usec = 0; + dpd_ike(s); +- next_ike_dpd = now + 300; ++ next_ike_dpd = now + s->ike.dpd_idle; + } + else if (now >= next_ike_dpd) { + dpd_ike(s); +- next_ike_dpd = now + 300; ++ next_ike_dpd = now + s->ike.dpd_idle; + } + } + } +@@ -945,13 +945,13 @@ + if (s->ike.do_dpd) { + if (s->ike.dpd_seqno != s->ike.dpd_seqno_ack) { + dpd_ike(s); +- next_ike_dpd = now + 300; ++ next_ike_dpd = now + s->ike.dpd_idle; + if (now + 5 < next_up) + next_up = now + 5; + } + else if (now >= next_ike_dpd) { + dpd_ike(s); +- next_ike_dpd = now + 300; ++ next_ike_dpd = now + s->ike.dpd_idle; + } + if (next_ike_dpd < next_up) + next_up = next_ike_dpd; +diff -urNad vpnc-0.4.0~/tunip.h vpnc-0.4.0/tunip.h +--- vpnc-0.4.0~/tunip.h 2007-05-11 21:59:22.000000000 +0100 ++++ vpnc-0.4.0/tunip.h 2007-05-11 21:59:22.000000000 +0100 +@@ -92,6 +92,7 @@ + uint8_t *current_iv; + struct lifetime life; + int do_dpd; ++ int dpd_idle; + uint32_t dpd_seqno; + uint32_t dpd_seqno_ack; + time_t dpd_sent; +diff -urNad vpnc-0.4.0~/vpnc-script vpnc-0.4.0/vpnc-script +--- 
vpnc-0.4.0~/vpnc-script 2007-05-11 21:59:22.000000000 +0100 ++++ vpnc-0.4.0/vpnc-script 2007-05-11 21:59:22.000000000 +0100 +@@ -244,7 +244,7 @@ + + # Don't step on INTERNAL_IP4_DNS value, use a temporary variable + INTERNAL_IP4_DNS_TEMP="$INTERNAL_IP4_DNS" +- exec 6< /etc/resolv.conf ++ exec 6< "$RESOLV_CONF_BACKUP" + while read LINE <&6 ; do + case "$LINE" in + nameserver*) +diff -urNad vpnc-0.4.0~/vpnc.c vpnc-0.4.0/vpnc.c +--- vpnc-0.4.0~/vpnc.c 2007-05-11 21:59:22.000000000 +0100 ++++ vpnc-0.4.0/vpnc.c 2007-05-11 21:59:22.000000000 +0100 +@@ -1050,8 +1050,15 @@ + l = l->next = new_isakmp_data_payload(ISAKMP_PAYLOAD_VID, + VID_NATT_00, sizeof(VID_NATT_00)); + } +- l = l->next = new_isakmp_data_payload(ISAKMP_PAYLOAD_VID, +- VID_DPD, sizeof(VID_DPD)); ++ s->ike.dpd_idle = atoi(config[CONFIG_DPD_IDLE]); ++ if (s->ike.dpd_idle != 0) { ++ if (s->ike.dpd_idle < 10) ++ s->ike.dpd_idle = 10; ++ if (s->ike.dpd_idle > 86400) ++ s->ike.dpd_idle = 86400; ++ l = l->next = new_isakmp_data_payload(ISAKMP_PAYLOAD_VID, ++ VID_DPD, sizeof(VID_DPD)); ++ } + flatten_isakmp_packet(p1, &pkt, &pkt_len, 0); + + /* Now, send that packet and receive a new one. */ +@@ -1265,11 +1272,15 @@ + } else if (rp->u.vid.length == sizeof(VID_DPD) + && memcmp(rp->u.vid.data, VID_DPD, + sizeof(VID_DPD)) == 0) { +- gcry_create_nonce(&s->ike.dpd_seqno, sizeof(s->ike.dpd_seqno)); +- s->ike.dpd_seqno &= 0x7FFFFFFF; +- s->ike.dpd_seqno_ack = s->ike.dpd_seqno; +- s->ike.do_dpd = 1; +- DEBUG(2, printf("peer is DPD capable (RFC3706)\n")); ++ if (s->ike.dpd_idle != 0) { ++ gcry_create_nonce(&s->ike.dpd_seqno, sizeof(s->ike.dpd_seqno)); ++ s->ike.dpd_seqno &= 0x7FFFFFFF; ++ s->ike.dpd_seqno_ack = s->ike.dpd_seqno; ++ s->ike.do_dpd = 1; ++ DEBUG(2, printf("peer is DPD capable (RFC3706)\n")); ++ } else { ++ DEBUG(2, printf("ignoring that peer is DPD capable (RFC3706)\n")); ++ } + } else { + hex_dump("unknown ISAKMP_PAYLOAD_VID: ", + rp->u.vid.data, rp->u.vid.length, NULL);
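Review bot: In the nested vpnc.c hunk at -1050, `s->ike.dpd_idle = atoi(config[CONFIG_DPD_IDLE]);` gives a malformed config value (a typo such as "3o0", or a stray trailing character) the value 0, which this same patch defines as "disable DPD completely (both ways)" — so a configuration mistake silently turns off dead-peer detection and the later "ignoring that peer is DPD capable" path is taken without any hint why. Parsing with `strtol()` and rejecting input that is not entirely numeric (or out of `long` range) keeps the 0-means-off semantics for an explicit 0 while making the failure visible; the enclosing function starts and ends outside the hunk, and `<errno.h>` must be in scope in vpnc.c for the `ERANGE` check. The 10..86400 clamp can stay as is, since it matches the `<0,10-86400>` help text added in config.c. Separately, the vpnc-script hunk (`exec 6< "$RESOLV_CONF_BACKUP"`) is unrelated to DPD and is mentioned neither in the dpatch header (`## DP: No description.`) nor in the changelog entry; the `## DP:` line should at least say `## DP: Add --dpd-idle (SVN r170); read nameservers from the resolv.conf backup in vpnc-script.`
```c
	/* … unchanged: NAT-T vendor-ID payloads … */
	/* strtol() reports malformed input; atoi() would silently map a typo to 0, i.e. "DPD off". */
	errno = 0;
	char *end = NULL;
	long dpd_idle = strtol(config[CONFIG_DPD_IDLE], &end, 10);
	if (end == config[CONFIG_DPD_IDLE] || *end != '\0' || errno == ERANGE) {
		fprintf(stderr, "invalid DPD idle timeout: %s\n", config[CONFIG_DPD_IDLE]);
		exit(1);
	}
	if (dpd_idle != 0) {
		if (dpd_idle < 10)
			dpd_idle = 10;
		if (dpd_idle > 86400)
			dpd_idle = 86400;
	}
	s->ike.dpd_idle = (int)dpd_idle;
	if (s->ike.dpd_idle != 0) {
		l = l->next = new_isakmp_data_payload(ISAKMP_PAYLOAD_VID,
			VID_DPD, sizeof(VID_DPD));
	}
	/* … unchanged: flatten_isakmp_packet() and send … */
```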