Fix pluto crash when remote endpoint is unstable

Currently, submariner-gateway pod while invoking the whack
commands does not set any dpdaction flags. So the default
dpdaction of disabled was applied. While using this action,
when the remote endpoint is not responding within a certain
duration, some problematic code path in Libreswan was getting
executed and leading to crash. The proper fix would be to use
an updated Libreswan, but as a workaround we can explicitly
set the dpdaction=hold to avoid hitting the problematic code
paths.

Related PR in libreswan:
libreswan/libreswan@c7a6113

Fixes: #2516
Signed-off-by: Sridhar Gaddam <sgaddam@redhat.com>
Co-authored-by: Yossi Boaron <yboaron@redhat.com>

pkg/cable/libreswan/libreswan.go

@@ -416,7 +416,8 @@ func (i *libreswan) bidirectionalConnectToEndpoint(connectionName string, endpoi
 		"--host", endpointInfo.UseIP,
 		"--client", rightSubnet,
 
-		"--ikeport", strconv.Itoa(int(rightNATTPort)))
+		"--ikeport", strconv.Itoa(int(rightNATTPort)),
+		"--dpdaction=hold")
 
 	logger.Infof("Executing whack with args: %v", args)
 
@@ -458,7 +459,8 @@ func (i *libreswan) serverConnectToEndpoint(connectionName string, endpointInfo
 		// Right-hand side.
 		"--id", remoteEndpointIdentifier,
 		"--host", "%any",
-		"--client", rightSubnet)
+		"--client", rightSubnet,
+		"--dpdaction=hold")
 
 	logger.Infof("Executing whack with args: %v", args)
 
@@ -499,7 +501,8 @@ func (i *libreswan) clientConnectToEndpoint(connectionName string, endpointInfo
 		"--host", endpointInfo.UseIP,
 		"--client", rightSubnet,
 
-		"--ikeport", strconv.Itoa(int(rightNATTPort)))
+		"--ikeport", strconv.Itoa(int(rightNATTPort)),
+		"--dpdaction=hold")
 
 	logger.Infof("Executing whack with args: %v", args)