policy: add missing local range 100.64.0.0/10

Thanks to Petr for finding this issue.

diff --git a/NEWS b/NEWS
index a5c1fec6aba10470a88366a8b0f810d1e7d61cbc..faa9a05acd862e7399ad7c0b75d56a513d351969 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -12,6 +12,7 @@ Improvements
 ------------
 - allow answering from cache in non-iterative modes (#122)
 - command line: specify ports via @ but still support # for compatibility
+- policy: recognize 100.64.0.0/10 as local addresses
 
 
 Knot Resolver 1.2.6 (2017-04-24)

diff --git a/modules/policy/policy.lua b/modules/policy/policy.lua
index b48234ee3869546b761f74b4a01cc17a981224b0..d3ae783d2a980ab2d80488533de51057240aa38f 100644 (file)
--- a/modules/policy/policy.lua
+++ b/modules/policy/policy.lua
@@ -318,7 +318,9 @@ end
 
 -- RFC1918 Private, local, broadcast, test and special zones
 -- Considerations: RFC6761, sec 6.1.
+-- https://www.iana.org/assignments/locally-served-dns-zones
 local private_zones = {
+       -- RFC6303
        '10.in-addr.arpa.',
        '16.172.in-addr.arpa.',
        '17.172.in-addr.arpa.',
@@ -337,7 +339,6 @@ local private_zones = {
        '30.172.in-addr.arpa.',
        '31.172.in-addr.arpa.',
        '168.192.in-addr.arpa.',
-       -- RFC5735, RFC5737
        '0.in-addr.arpa.',
        '127.in-addr.arpa.',
        '254.169.in-addr.arpa.',
@@ -345,7 +346,73 @@ local private_zones = {
        '100.51.198.in-addr.arpa.',
        '113.0.203.in-addr.arpa.',
        '255.255.255.255.in-addr.arpa.',
-       -- IPv6 local, example
+       -- RFC7796
+       '64.100.in-addr.arpa.',
+       '65.100.in-addr.arpa.',
+       '66.100.in-addr.arpa.',
+       '67.100.in-addr.arpa.',
+       '68.100.in-addr.arpa.',
+       '69.100.in-addr.arpa.',
+       '70.100.in-addr.arpa.',
+       '71.100.in-addr.arpa.',
+       '72.100.in-addr.arpa.',
+       '73.100.in-addr.arpa.',
+       '74.100.in-addr.arpa.',
+       '75.100.in-addr.arpa.',
+       '76.100.in-addr.arpa.',
+       '77.100.in-addr.arpa.',
+       '78.100.in-addr.arpa.',
+       '79.100.in-addr.arpa.',
+       '80.100.in-addr.arpa.',
+       '81.100.in-addr.arpa.',
+       '82.100.in-addr.arpa.',
+       '83.100.in-addr.arpa.',
+       '84.100.in-addr.arpa.',
+       '85.100.in-addr.arpa.',
+       '86.100.in-addr.arpa.',
+       '87.100.in-addr.arpa.',
+       '88.100.in-addr.arpa.',
+       '89.100.in-addr.arpa.',
+       '90.100.in-addr.arpa.',
+       '91.100.in-addr.arpa.',
+       '92.100.in-addr.arpa.',
+       '93.100.in-addr.arpa.',
+       '94.100.in-addr.arpa.',
+       '95.100.in-addr.arpa.',
+       '96.100.in-addr.arpa.',
+       '97.100.in-addr.arpa.',
+       '98.100.in-addr.arpa.',
+       '99.100.in-addr.arpa.',
+       '100.100.in-addr.arpa.',
+       '101.100.in-addr.arpa.',
+       '102.100.in-addr.arpa.',
+       '103.100.in-addr.arpa.',
+       '104.100.in-addr.arpa.',
+       '105.100.in-addr.arpa.',
+       '106.100.in-addr.arpa.',
+       '107.100.in-addr.arpa.',
+       '108.100.in-addr.arpa.',
+       '109.100.in-addr.arpa.',
+       '110.100.in-addr.arpa.',
+       '111.100.in-addr.arpa.',
+       '112.100.in-addr.arpa.',
+       '113.100.in-addr.arpa.',
+       '114.100.in-addr.arpa.',
+       '115.100.in-addr.arpa.',
+       '116.100.in-addr.arpa.',
+       '117.100.in-addr.arpa.',
+       '118.100.in-addr.arpa.',
+       '119.100.in-addr.arpa.',
+       '120.100.in-addr.arpa.',
+       '121.100.in-addr.arpa.',
+       '122.100.in-addr.arpa.',
+       '123.100.in-addr.arpa.',
+       '124.100.in-addr.arpa.',
+       '125.100.in-addr.arpa.',
+       '126.100.in-addr.arpa.',
+       '127.100.in-addr.arpa.',
+
+       -- RFC6303
        '0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa.',
        '1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa.',
        'd.f.ip6.arpa.',
@@ -353,7 +420,7 @@ local private_zones = {
        '9.e.f.ip6.arpa.',
        'a.e.f.ip6.arpa.',
        'b.e.f.ip6.arpa.',
-       '8.b.d.0.1.0.0.2.ip6.arpa',
+       '8.b.d.0.1.0.0.2.ip6.arpa.',
 }
 policy.todnames(private_zones)