caller stack

pf::config puts interface.gateway in $int_obj->tag( "gw" ... )

This is consumed by:

ip2gateway (pf::util)
  pf::rawip
  - trapmac
  - freemac
    - bin/pfcmd manage freemac (and relevant grammar and/or lib/pf/pfcmd.pm)
  pf::web
  - generate_status_page (and relevant apache config)
  sbin/pfmon
  - listen_arp

get_gateways (pf::util)
  pf::services
  - generate_snort_config (tags{'gateways'} meant for config rewrite), flush from rules and config
  pf::util
  - preload_network_range
    - preload_trappable_ip and preload_reggable_ip
      - pfmon_preload (disabled by default but could be enabled)
  sbin/pfdhcplistener (ignore DHCP served from local gateway in rogue handling code)
  - inrange_ip (only internally used in pf::util)
    - trappable_ip
      - pf::web status page, rendered through captive-portal/register.cgi (delete it all!)
      - pf::violation's violation_trigger, remove it too, already covered by IDS config
      - pf::rawip's trapmac, already to be deleted by above
    - reggable_ip: no external caller, ready to be removed

removal:
- lib/pf/pfcmd/pfcmd.pm (grammar)
- checkup: gateway
- web?
- move pf::rawip into addons/ as arp code, remove dependency from debian/rpm and remove from tests