From fe204e1d6cdef1e9bf7c1a1b4f78780f891c2f66 Mon Sep 17 00:00:00 2001 From: Amos Jeffries Date: Mon, 8 Dec 2014 03:25:58 -0800 Subject: [PATCH] Update localnet definition for RFC 6890 RFC 6890 details updated IP address reservations for Carrier-Grade NAT and confirms registration of the "this" network range legitimacy amongst other non-relevant ddress range allocations. --- src/cf.data.pre | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/src/cf.data.pre b/src/cf.data.pre index 7c99813d77..68f358ebd1 100644 --- a/src/cf.data.pre +++ b/src/cf.data.pre @@ -1167,11 +1167,14 @@ NOCOMMENT_START # Example rule allowing access from your local networks. # Adapt to list your (internal) IP networks from where browsing # should be allowed -acl localnet src 10.0.0.0/8 # RFC1918 possible internal network -acl localnet src 172.16.0.0/12 # RFC1918 possible internal network -acl localnet src 192.168.0.0/16 # RFC1918 possible internal network -acl localnet src fc00::/7 # RFC 4193 local private network range -acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines +acl localnet src 0.0.0.1-0.255.255.255 # RFC 1122 "this" network (LAN) +acl localnet src 10.0.0.0/8 # RFC 1918 local private network (LAN) +acl localnet src 100.64.0.0/10 # RFC 6598 shared address space (CGN) +acl localhet src 169.254.0.0/16 # RFC 3927 link-local (directly plugged) machines +acl localnet src 172.16.0.0/12 # RFC 1918 local private network (LAN) +acl localnet src 192.168.0.0/16 # RFC 1918 local private network (LAN) +acl localnet src fc00::/7 # RFC 4193 local private network range +acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines acl SSL_ports port 443 acl Safe_ports port 80 # http -- 2.39.5