Update localnet definition for RFC 6890

RFC 6890 details updated IP address reservations for Carrier-Grade NAT
and confirms registration of the "this" network range legitimacy amongst
other non-relevant ddress range allocations.

diff --git a/src/cf.data.pre b/src/cf.data.pre
index 7c99813d776c9b135187555d9ec882a317ad4270..68f358ebd11668047dd9e6fb2b5a240775742f19 100644 (file)
--- a/src/cf.data.pre
+++ b/src/cf.data.pre
@@ -1167,11 +1167,14 @@ NOCOMMENT_START
 # Example rule allowing access from your local networks.
 # Adapt to list your (internal) IP networks from where browsing
 # should be allowed
-acl localnet src 10.0.0.0/8    # RFC1918 possible internal network
-acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
-acl localnet src 192.168.0.0/16        # RFC1918 possible internal network
-acl localnet src fc00::/7       # RFC 4193 local private network range
-acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
+acl localnet src 0.0.0.1-0.255.255.255 # RFC 1122 "this" network (LAN)
+acl localnet src 10.0.0.0/8            # RFC 1918 local private network (LAN)
+acl localnet src 100.64.0.0/10         # RFC 6598 shared address space (CGN)
+acl localhet src 169.254.0.0/16        # RFC 3927 link-local (directly plugged) machines
+acl localnet src 172.16.0.0/12         # RFC 1918 local private network (LAN)
+acl localnet src 192.168.0.0/16                # RFC 1918 local private network (LAN)
+acl localnet src fc00::/7              # RFC 4193 local private network range
+acl localnet src fe80::/10             # RFC 4291 link-local (directly plugged) machines
 
 acl SSL_ports port 443
 acl Safe_ports port 80         # http