4 files changed, 63 insertions, 26 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 806cbc8..d974bb4d 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -775,11 +775,9 @@ function filter_get_direct_networks_list() {
 			$networks_arr[] = $subnet;
 		}
 	}
-	if(is_array($config['staticroutes']['route'])) {
-		foreach($config['staticroutes']['route'] as $netent) {
-			if(is_ipaddr($netent['network'])) {
-				$networks_arr[] = $netent['network'];
-			}
+	foreach(get_staticroutes(true) as $netent) {
+		if(is_subnet($netent)) {
+			$networks_arr[] = $netent;
 		}
 	}
 	if(!empty($networks_arr)) {
@@ -1443,17 +1441,15 @@ function filter_nat_rules_generate() {
 		$tonathosts = "";
 		$numberofnathosts = 0;
 
-		if(is_array($config['staticroutes']['route'])) {
-			foreach ($config['staticroutes']['route'] as $route) {
-				$netip = explode("/", $route['network']);
-				if (isset($GatewaysList[$route['gateway']])) {
-					$gateway =& $GatewaysList[$route['gateway']];
-					$gatewayip = $gateway['gateway'];
-					$interfacegw = $gateway['interface'];
-					if(!interface_has_gateway($gateway['interface']) && is_private_ip($netip[0])) {
-						$numberofnathosts++;
-						$tonathosts .= "{$route['network']} ";
-					}
+		foreach (get_staticroutes() as $route) {
+			$netip = explode("/", $route['network']);
+			if (isset($GatewaysList[$route['gateway']])) {
+				$gateway =& $GatewaysList[$route['gateway']];
+				$gatewayip = $gateway['gateway'];
+				$interfacegw = $gateway['interface'];
+				if(!interface_has_gateway($gateway['interface']) && is_private_ip($netip[0])) {
+					$numberofnathosts++;
+					$tonathosts .= "{$route['network']} ";
 				}
 			}
 		}
@@ -1757,6 +1753,11 @@ function filter_generate_user_rule_arr($rule) {
 	return $ret;
 }
 
+function filter_expand_alias_array($alias_name) {
+	$expansion = filter_expand_alias($alias_name);
+	return explode(" ", preg_replace('/\s+/', ' ', trim($expansion)));
+}
+
 function filter_generate_address(& $rule, $target = "source", $isnat = false) {
 	global $FilterIflist, $config;
 	$src = "";
@@ -2724,7 +2725,7 @@ EOD;
 	 */
 	if(isset($config['filter']['bypassstaticroutes']) && is_array($config['staticroutes']['route']) && count($config['staticroutes']['route'])) {
 		$ipfrules .= "# Add rules to bypass firewall rules for static routes\n";
-		foreach ($config['staticroutes']['route'] as $route) {
+		foreach (get_staticroutes() as $route) {
 			$friendly = $GatewaysList[$route['gateway']]['friendlyiface'];
 			if(is_array($FilterIflist[$friendly])) {
 				$oc = $FilterIflist[$friendly];
diff --git a/etc/inc/services.inc b/etc/inc/services.inc
index fabb0d0..262df75 100644
--- a/etc/inc/services.inc
+++ b/etc/inc/services.inc
@@ -1114,13 +1114,11 @@ function services_dhcrelay_configure() {
 			}
 		}
 		if (!isset($destif)) {
-			if (is_array($config['staticroutes']['route'])) {
-				foreach ($config['staticroutes']['route'] as $rtent) {
-					if (ip_in_subnet($srvip, $rtent['network'])) {
-						$a_gateways = return_gateways_array(true);
-						$destif = $a_gateways[$rtent['gateway']]['interface'];
-						break;
-					}
+			foreach (get_staticroutes() as $rtent) {
+				if (ip_in_subnet($srvip, $rtent['network'])) {
+					$a_gateways = return_gateways_array(true);
+					$destif = $a_gateways[$rtent['gateway']]['interface'];
+					break;
 				}
 			}
 		}
diff --git a/etc/inc/system.inc b/etc/inc/system.inc
index e9f7781..43103a9 100644
--- a/etc/inc/system.inc
+++ b/etc/inc/system.inc
@@ -427,10 +427,11 @@ function system_routing_configure($interface = "") {
 		}
 	}
 
-	if (is_array($config['staticroutes']['route'])) {
+	$static_routes = get_staticroutes();
+	if (count($static_routes)) {
 		$gateways_arr = return_gateways_array();
 
-		foreach ($config['staticroutes']['route'] as $rtent) {
+		foreach ($static_routes as $rtent) {
 			$gatewayip = "";
 			if (empty($gateways_arr[$rtent['gateway']])) {
 				log_error(sprintf(gettext("Static Routes: Gateway IP could not be found for %s"), $rtent['network']));
diff --git a/etc/inc/util.inc b/etc/inc/util.inc
index 087bce8..4c92396 100644
--- a/etc/inc/util.inc
+++ b/etc/inc/util.inc
@@ -1680,6 +1680,7 @@ function array_merge_recursive_unique($array0, $array1) {
 	return $result;
 }
 
+
 /*
  * converts a string like "a,b,c,d"
  * into an array like array("a" => "b", "c" => "d")
@@ -1694,4 +1695,40 @@ function explode_assoc($delimiter, $string) {
 	return $result;
 }
 
+function get_staticroutes($returnsubnetsonly = false) {
+	global $config;
+	require_once('filter.inc');
+	$allstaticroutes = array();
+	$allsubnets = array();
+
+	/* Bail if there are no routes, but return an array always so callers don't have to check. */
+	if (!is_array($config['staticroutes']['route']))
+		return array();
+
+	/* Loop through routes and expand aliases as we find them. */
+	foreach ($config['staticroutes']['route'] as $route) {
+		if (is_alias($route['network'])) {
+			$subnets = filter_expand_alias_array($route['network']);
+			foreach ($subnets as $net) {
+				if (is_ipaddr($net))
+					$net .= "/32";
+				/* This must be a hostname, we can't use it. */
+				if (!is_subnet($net))
+					continue;
+				$temproute = $route;
+				$temproute['network'] = $net;
+				$allstaticroutes[] = $temproute;
+				$allsubnets[] = $net;
+			}
+		} elseif (is_subnet($route['network'])) {
+			$allstaticroutes[] = $route;
+			$allsubnets[] = $route['network'];
+		}
+	}
+	if ($returnsubnetsonly) {
+		return $allsubnets;
+	} else {
+		return $allstaticroutes;
+	}
+}
 ?>