(filter, plugins) add structure to interface plugins

Valid properties for interfaces currently are:

* enable (bool)
* virtual (bool)
* networks, list of networks (network, mask)
* if, device node
* descr, user friendly description

src/etc/inc/filter.inc

@@ -763,8 +763,42 @@ function filter_generate_optcfg_array()
     /* traverse interfaces */
     foreach (legacy_config_get_interfaces(array("enable" => true)) as $if => $ifdetail) {
         if (isset($ifdetail['internal_dynamic'])) {
-            // plugin is responsible for its own config
-            $FilterIflist[$if] = $ifdetail;
+            // transform plugin configuration
+            $oic = array();
+            $oic['internal_dynamic'] = true;
+            $oic['vips'] = array();
+            $oic['vips6'] = array();
+            $oic['descr'] = $ifdetail['descr'];
+            $oic['if'] = $ifdetail['if'];
+            if (isset($ifdetail['virtual'])) {
+                $oic['virtual'] = $ifdetail['virtual'];
+            }
+            if (!empty($ifdetail['networks'])) {
+                foreach (isset($ifdetail['networks'][0]) ? $ifdetail['networks'] : array($ifdetail['networks']) as $indx => $network) {
+                    if (is_ipaddrv4($network['network'])) {
+                        if ($indx == 0) {
+                            $oic['sa'] = $network['network'];
+                            $oic['sn'] = $network['mask'];
+                        } else {
+                            $vip = array();
+                            $vip['sa'] = $network['network'];
+                            $vip['sn'] = $network['mask'];
+                            $oic['vips'][] = $vip;
+                        }
+                    } elseif (is_ipaddrv6($network['network'])) {
+                        if ($indx == 0) {
+                            $oic['sav6'] = $network['network'];
+                            $oic['snv6'] = $network['mask'];
+                        } else {
+                            $vip = array();
+                            $vip['sa'] = $network['network'];
+                            $vip['sn'] = $network['mask'];
+                            $oic['vips6'][] = $vip;
+                        }
+                    }
+                }
+            }
+            $FilterIflist[$if] = $oic;
         } else {
             // XXX needs cleanup, original content
             $oic = array();
@@ -980,7 +1014,12 @@ function filter_nat_rules_automatic_tonathosts(&$FilterIflist, $with_descr = fal
         if (!empty($oc['sa'])) {
             $tonathosts[] = "{$oc['sa']}/{$oc['sn']}";
             $descriptions[] = $oc['descr'];
-            if (isset($oc['vips']) && is_array($oc['vips'])) {
+            if (!empty($oc['vips']) && !empty($oc['internal_dynamic'])) {
+                foreach ($oc['vips'] as $vip) {
+                    $tonathosts[] = "{$vip['sa']}/{$vip['sn']}";
+                    $descriptions[] = $oc['descr'];
+                }
+            } elseif (isset($oc['vips']) && is_array($oc['vips'])) {
                 $if_subnets = array("{$oc['sa']}/{$oc['sn']}");
                 foreach ($oc['vips'] as $vip) {
                     if (!is_ipaddrv4($vip['ip'])) {
@@ -1002,41 +1041,6 @@ function filter_nat_rules_automatic_tonathosts(&$FilterIflist, $with_descr = fal
         }
     }
 
-    /* PPTP subnet */
-    if (($config['pptpd']['mode'] == "server" ) && is_private_ip($config['pptpd']['remoteip'])) {
-        if (isset($config['pptpd']['n_pptp_units']) && is_numeric($config['pptpd']['n_pptp_units'])) {
-            $pptp_subnets = ip_range_to_subnet_array($config['pptpd']['remoteip'],
-              long2ip32(ip2long($config['pptpd']['remoteip'])+($config['pptpd']['n_pptp_units']-1)));
-        } else {
-            $pptp_subnets = ip_range_to_subnet_array($config['pptpd']['remoteip'],
-              long2ip32(ip2long($config['pptpd']['remoteip'])));
-        }
-        foreach ($pptp_subnets as $subnet) {
-            $tonathosts[] = $subnet;
-            $descriptions[] = gettext("PPTP server");
-        }
-    }
-
-    /* PPPoE subnet */
-    if (isset($FilterIflist['pppoe']['item']) && is_array($FilterIflist['pppoe']['item'])) {
-        foreach ($FilterIflist['pppoe']['item'] as $pppoe) {
-            if (is_private_ip($pppoe['ip'])) {
-                $tonathosts[] = "{$pppoe['sa']}/{$pppoe['sn']}";
-                $descriptions[] = gettext("PPPoE server");
-            }
-        }
-    }
-
-    /* L2TP subnet */
-    if (isset($FilterIflist['l2tp']) && $FilterIflist['l2tp']['mode'] == "server") {
-          $l2tp_sa = $FilterIflist['l2tp']['sa'];
-          $l2tp_sn = $FilterIflist['l2tp']['sn'];
-          if (is_private_ip($l2tp_sa) && !empty($l2tp_sn)) {
-              $tonathosts[] = "{$l2tp_sa}/{$l2tp_sn}";
-              $descriptions[] = gettext("L2TP server");
-          }
-    }
-
     /* add openvpn interfaces */
     if (isset($config['openvpn']['openvpn-server'])) {
         foreach ($config['openvpn']['openvpn-server'] as $ovpnsrv) {
@@ -1920,7 +1924,7 @@ function filter_generate_address(&$FilterIflist, &$rule, $target = 'source', $is
         if (is_subnet($src)) {
             filter_address_add_vips_subnets($FilterIflist, $src, $rule[$target]['network'], isset($rule[$target]['not']));
         }
-    } else if ($rule[$target]['address']) {
+    } elseif ($rule[$target]['address']) {
         $expsrc = alias_expand($rule[$target]['address']);
         if (isset($rule[$target]['not'])) {
             $not = "!";

src/etc/inc/plugins.inc.d/plugin_ifgroups.inc

@@ -35,6 +35,7 @@ function plugin_ifgroups_interface()
     if (isset($config['ifgroups']['ifgroupentry'])) {
         foreach($config['ifgroups']['ifgroupentry'] as $ifgen) {
             $oc = array("enable" => true);
+            $oc['networks'] = array();
             $oc['if'] = $ifgen['ifname'];
             $oc['descr'] = $ifgen['ifname'];
             $oc['virtual'] = true;

src/etc/inc/plugins.inc.d/plugin_ipsec.inc

@@ -38,6 +38,7 @@ function plugin_ipsec_interface()
         $oic['descr'] = 'IPsec';
         $oic['type'] = "none";
         $oic['virtual'] = true;
+        $oic['networks'] = array();
         $interfaces['enc0'] = $oic;
     }
 

src/etc/inc/plugins.inc.d/plugin_openvpn.inc

@@ -38,6 +38,7 @@ function plugin_openvpn_interface()
         $oic['descr'] = 'OpenVPN';
         $oic['type'] = "none";
         $oic['virtual'] = true;
+        $oic['networks'] = array();
         $interfaces['openvpn'] = $oic;
     }
 

src/etc/inc/plugins.inc.d/vpn.inc

@@ -665,54 +665,49 @@ function vpn_interface()
 
     if (isset($config['pptpd']['mode']) && $config['pptpd']['mode'] == 'server') {
         $oic = array("enable" => true);
+        $oic['networks'] =  array();
+        $oic['virtual'] = true;
         $oic['if'] = 'pptp';
         $oic['descr'] = 'pptp';
-        $oic['ip'] = $config['pptpd']['localip'];
-        $oic['sa'] = $config['pptpd']['remoteip'];
-        if (!empty($config['pptpd']['pptp_subnet'])) {
-            $oic['sn'] = $config['pptpd']['pptp_subnet'];
+        $mask = !empty($config['pptpd']['pptp_subnet']) ? $config['pptpd']['pptp_subnet'] : 32;
+        if (isset($config['pptpd']['n_pptp_units']) && is_numeric($config['pptpd']['n_pptp_units'])) {
+            $pptp_subnets = ip_range_to_subnet_array($config['pptpd']['remoteip'],
+              long2ip32(ip2long($config['pptpd']['remoteip'])+($config['pptpd']['n_pptp_units']-1)));
         } else {
-            $oic['sn'] = "32";
+            $pptp_subnets = ip_range_to_subnet_array($config['pptpd']['remoteip'],
+              long2ip32(ip2long($config['pptpd']['remoteip'])));
+        }
+        foreach ($pptp_subnets as $pptp_subnet) {
+            $snparts = explode("/", $pptp_subnet);
+            $oic['networks'][] = array("network" => $snparts[0], "mask" => $snparts[1]);
         }
-        $oic['mode'] = $config['pptpd']['mode'];
-        $oic['virtual'] = true;
         $interfaces['pptp'] = $oic;
     }
 
     if (isset($config['l2tp']['mode']) && $config['l2tp']['mode'] == 'server') {
         $oic = array("enable" => true);
+        $oic['virtual'] = true;
+        $oic['networks'] =  array();
         $oic['if'] = 'l2tp';
         $oic['descr'] = 'L2TP';
-        $oic['ip'] = $config['l2tp']['localip'];
-        $oic['sa'] = $config['l2tp']['remoteip'];
-        if (!empty($config['l2tp']['l2tp_subnet'])) {
-            $oic['sn'] = $config['l2tp']['l2tp_subnet'];
-        } else {
-            $oic['sn'] = "32";
-        }
-        $oic['mode'] = $config['l2tp']['mode'];
-        $oic['virtual'] = true;
+        $mask = !empty($config['l2tp']['l2tp_subnet']) ? $config['l2tp']['l2tp_subnet'] : 32;
+        $oic['networks'][] = array("network" => gen_subnet($config['l2tp']['remoteip'], $mask), "mask" => $mask);
         $interfaces['l2tp'] = $oic;
     }
 
     if (isset($config['pppoes']['pppoe'])) {
-        $pppoeifs = array('item' => array());
+        $pppoeifs = array('networks' => array());
         foreach($config['pppoes']['pppoe'] as $pppoe) {
             if ($pppoe['mode'] == "server") {
-                $item = array('ip' => $pppoe['localip'], 'sa' => $pppoe['remoteip']);
-                $item['sn'] = !empty($pppoe['pppoe_subnet']) ?  $pppoe['pppoe_subnet'] : "32";
-                $pppoeifs['item'][] = $item;
+                $mask = !empty($pppoe['pppoe_subnet']) ?  $pppoe['pppoe_subnet'] : 32;
+                $pppoeifs['networks'][] = array("network" => gen_subnet($pppoe['remoteip'], $mask), "mask" => $mask);
             }
         }
-        if (count($pppoeifs['item'])) {
+        if (count($pppoeifs['networks'])) {
             $pppoeifs['enable'] = true;
+            $pppoeifs['virtual'] = true;
             $pppoeifs['if'] = 'pppoe';
             $pppoeifs['descr'] = 'pppoe';
-            $pppoeifs['ip'] = "";
-            $pppoeifs['sa'] = "";
-            $pppoeifs['sn'] = "32";
-            $pppoeifs['mode'] = "";
-            $pppoeifs['virtual'] = true;
             $interfaces['pppoe'] = $pppoeifs;
         }
     }