I would like to know if there is a way to configure openswan to send some kind of ike keepalive packets, so netfilter will not delete the entries for udp 500 from /proc/net/nf_conntrack. DPD isn't an option because it only send the ike packets if there is not traffic inside the tunnel (no ESP packets).