diff --git a/plist b/plist
index e45d98f51..4bef2c62f 100644
--- a/plist
+++ b/plist
@@ -731,6 +731,9 @@
 /usr/local/opnsense/mvc/app/models/OPNsense/Firewall/Alias.xml
 /usr/local/opnsense/mvc/app/models/OPNsense/Firewall/Category.php
 /usr/local/opnsense/mvc/app/models/OPNsense/Firewall/Category.xml
+/usr/local/opnsense/mvc/app/models/OPNsense/Firewall/DynamicAliases/InterfaceNetworkAliases.php
+/usr/local/opnsense/mvc/app/models/OPNsense/Firewall/DynamicAliases/README.md
+/usr/local/opnsense/mvc/app/models/OPNsense/Firewall/DynamicAliases/StaticAliases.php
 /usr/local/opnsense/mvc/app/models/OPNsense/Firewall/FieldTypes/AliasContentField.php
 /usr/local/opnsense/mvc/app/models/OPNsense/Firewall/FieldTypes/AliasField.php
 /usr/local/opnsense/mvc/app/models/OPNsense/Firewall/FieldTypes/AliasNameField.php
diff --git a/src/opnsense/mvc/app/models/OPNsense/Firewall/Alias.php b/src/opnsense/mvc/app/models/OPNsense/Firewall/Alias.php
index bf3cad09e..2d4489872 100644
--- a/src/opnsense/mvc/app/models/OPNsense/Firewall/Alias.php
+++ b/src/opnsense/mvc/app/models/OPNsense/Firewall/Alias.php
@@ -1,7 +1,7 @@
 <?php
 
 /**
- *    Copyright (C) 2018 Deciso B.V.
+ *    Copyright (C) 2018-2025 Deciso B.V.
  *
  *    All rights reserved.
  *
diff --git a/src/opnsense/mvc/app/models/OPNsense/Firewall/DynamicAliases/InterfaceNetworkAliases.php b/src/opnsense/mvc/app/models/OPNsense/Firewall/DynamicAliases/InterfaceNetworkAliases.php
new file mode 100644
index 000000000..513aeec8c
--- /dev/null
+++ b/src/opnsense/mvc/app/models/OPNsense/Firewall/DynamicAliases/InterfaceNetworkAliases.php
@@ -0,0 +1,54 @@
+<?php
+
+/**
+ *    Copyright (C) 2025 Deciso B.V.
+ *
+ *    All rights reserved.
+ *
+ *    Redistribution and use in source and binary forms, with or without
+ *    modification, are permitted provided that the following conditions are met:
+ *
+ *    1. Redistributions of source code must retain the above copyright notice,
+ *       this list of conditions and the following disclaimer.
+ *
+ *    2. Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *
+ *    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ *    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ *    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ *    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ *    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ *    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ *    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ *    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ *    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ *    POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+namespace OPNsense\Firewall\DynamicAliases;
+
+use OPNsense\Core\Config;
+
+
+class InterfaceNetworkAliases
+{
+    public function collect()
+    {
+        $result = [];
+        foreach (Config::getInstance()->object()->interfaces->children() as $k => $n) {
+            $table_name = sprintf("__%s_network", $k);
+            $table_desc = !empty((string)$n->descr) ? (string)$n->descr : $k;
+            $result[$table_name] = [
+                "enabled" => "1",
+                "name" => $table_name,
+                "type" => "internal",
+                "description" => sprintf("%s %s", $table_desc, gettext("net")),
+                "content" => ""
+            ];
+        }
+        return $result;
+    }
+}
diff --git a/src/opnsense/mvc/app/models/OPNsense/Firewall/DynamicAliases/README.md b/src/opnsense/mvc/app/models/OPNsense/Firewall/DynamicAliases/README.md
new file mode 100644
index 000000000..a5c297e28
--- /dev/null
+++ b/src/opnsense/mvc/app/models/OPNsense/Firewall/DynamicAliases/README.md
@@ -0,0 +1,11 @@
+DynamicAliases
+========================
+
+This namespace may contain simple classes which generate aliases that should be merged automatically in Firewall/Aliases.
+Each class should have a `collect()` method returning a named array with alias registration info.
+
+An easy example of the expected result can be found in `../static_aliases/core.json`
+
+** Note: make sure actions are "light weight" to prevent excessive api execution times.
+
+
diff --git a/src/opnsense/mvc/app/models/OPNsense/Firewall/DynamicAliases/StaticAliases.php b/src/opnsense/mvc/app/models/OPNsense/Firewall/DynamicAliases/StaticAliases.php
new file mode 100644
index 000000000..0ea9ef61e
--- /dev/null
+++ b/src/opnsense/mvc/app/models/OPNsense/Firewall/DynamicAliases/StaticAliases.php
@@ -0,0 +1,46 @@
+<?php
+
+/**
+ *    Copyright (C) 2025 Deciso B.V.
+ *
+ *    All rights reserved.
+ *
+ *    Redistribution and use in source and binary forms, with or without
+ *    modification, are permitted provided that the following conditions are met:
+ *
+ *    1. Redistributions of source code must retain the above copyright notice,
+ *       this list of conditions and the following disclaimer.
+ *
+ *    2. Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *
+ *    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ *    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ *    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ *    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ *    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ *    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ *    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ *    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ *    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ *    POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+namespace OPNsense\Firewall\DynamicAliases;
+
+class StaticAliases
+{
+    public function collect()
+    {
+        $result = [];
+        foreach (glob(__DIR__ . "/../static_aliases/*.json") as $filename) {
+            $payload = json_decode(file_get_contents($filename), true);
+            if (is_array($payload)) {
+                $result = array_merge($result, $payload);
+            }
+        }
+        return $result;
+    }
+}
diff --git a/src/opnsense/mvc/app/models/OPNsense/Firewall/FieldTypes/AliasField.php b/src/opnsense/mvc/app/models/OPNsense/Firewall/FieldTypes/AliasField.php
index 6369f4ef5..9746b293e 100644
--- a/src/opnsense/mvc/app/models/OPNsense/Firewall/FieldTypes/AliasField.php
+++ b/src/opnsense/mvc/app/models/OPNsense/Firewall/FieldTypes/AliasField.php
@@ -1,7 +1,7 @@
 <?php
 
 /**
- *    Copyright (C) 2020 Deciso B.V.
+ *    Copyright (C) 2020-2025 Deciso B.V.
  *
  *    All rights reserved.
  *
@@ -30,11 +30,11 @@
 
 namespace OPNsense\Firewall\FieldTypes;
 
+use ReflectionClass;
+use ReflectionException;
 use OPNsense\Base\FieldTypes\ArrayField;
-use OPNsense\Base\FieldTypes\TextField;
-use OPNsense\Base\FieldTypes\IntegerField;
 use OPNsense\Core\Backend;
-use OPNsense\Core\Config;
+
 
 class AliasField extends ArrayField
 {
@@ -51,28 +51,33 @@ class AliasField extends ArrayField
     protected static function getStaticChildren()
     {
         $result = [];
-        foreach (glob(__DIR__ . "/../static_aliases/*.json") as $filename) {
-            $payload = json_decode(file_get_contents($filename), true);
-            if (is_array($payload)) {
-                foreach ($payload as $aliasname => $content) {
-                    $result[$aliasname] = $content;
+        foreach (glob(__DIR__ . "/../DynamicAliases/*.php") as $filename) {
+            $origin = explode('.', basename($filename))[0];
+            $classname = 'OPNsense\\Firewall\\DynamicAliases\\' . $origin;
+            try {
+                $obj = (new ReflectionClass($classname))->newInstance();
+                $payload = $obj->collect();
+                if (is_array($payload)) {
+                    foreach ($payload as $aliasname => $content) {
+                        /* XXX: will overwrite when exists */
+                        $result[$aliasname] = $content;
+                    }
                 }
+            } catch (\Error | \Exception | ReflectionException $e) {
+                syslog(LOG_ERR, sprintf(
+                    "Invalid DynamicAliases object %s in %s (%s)",
+                    $classname,
+                    realpath($filename),
+                    $e->getMessage()
+                ));
             }
         }
-        foreach (Config::getInstance()->object()->interfaces->children() as $k => $n) {
-            $table_name = sprintf("__%s_network", $k);
-            $table_desc = !empty((string)$n->descr) ? (string)$n->descr : $k;
-            $result[$table_name] = [
-                "enabled" => "1",
-                "name" => $table_name,
-                "type" => "internal",
-                "description" => sprintf("%s %s", $table_desc, gettext("net")),
-                "content" => ""
-            ];
-        }
         return $result;
     }
 
+    /**
+     * {@inheritdoc}
+     */
     protected function actionPostLoadingEvent()
     {
         parent::actionPostLoadingEvent();