pfSense

There is a well-known challenge of dealing with accessing public IP addresses from inside the network. The two existing solutions are NAT reflection and split DNS, each of which has its own challenges. Unbound and dnsmasq both support rewriting IP addresses in returned results.

In unbound, this is done using the `respip` module.

In dnsmasq, this is done using the `alias` option.

The pull request I am working on will allow automatically building the unbound respip configuration using the 1:1 NAT configuration.

I tested this code on a firewall running 2.6.0-RELEASE and I believe I made all the necessary changes to make it work in the `master` branch, but I haven't tested that.