From: Amos Jeffries <squid3@treenet.co.nz>
Date: Mon, 8 Dec 2014 11:25:58 +0000 (-0800)
Subject: Update localnet definition for RFC 6890
X-Git-Tag: merge-candidate-3-v1~444
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=fe204e1;p=thirdparty%2Fsquid.git

Update localnet definition for RFC 6890

RFC 6890 details updated IP address reservations for Carrier-Grade NAT
and confirms registration of the "this" network range legitimacy amongst
other non-relevant ddress range allocations.
---

diff --git a/src/cf.data.pre b/src/cf.data.pre
index 7c99813d77..68f358ebd1 100644
--- a/src/cf.data.pre
+++ b/src/cf.data.pre
@@ -1167,11 +1167,14 @@ NOCOMMENT_START
 # Example rule allowing access from your local networks.
 # Adapt to list your (internal) IP networks from where browsing
 # should be allowed
-acl localnet src 10.0.0.0/8	# RFC1918 possible internal network
-acl localnet src 172.16.0.0/12	# RFC1918 possible internal network
-acl localnet src 192.168.0.0/16	# RFC1918 possible internal network
-acl localnet src fc00::/7       # RFC 4193 local private network range
-acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
+acl localnet src 0.0.0.1-0.255.255.255	# RFC 1122 "this" network (LAN)
+acl localnet src 10.0.0.0/8		# RFC 1918 local private network (LAN)
+acl localnet src 100.64.0.0/10		# RFC 6598 shared address space (CGN)
+acl localhet src 169.254.0.0/16 	# RFC 3927 link-local (directly plugged) machines
+acl localnet src 172.16.0.0/12		# RFC 1918 local private network (LAN)
+acl localnet src 192.168.0.0/16		# RFC 1918 local private network (LAN)
+acl localnet src fc00::/7       	# RFC 4193 local private network range
+acl localnet src fe80::/10      	# RFC 4291 link-local (directly plugged) machines
 
 acl SSL_ports port 443
 acl Safe_ports port 80		# http