# Subnets to collect statistics on.  Traffic that
# matches none of these subnets will be ignored.
# Syntax is either IP Subnet Mask or CIDR
{
# here we add list of local networks
    use esmith::NetworksDB;

    my $ndb = esmith::NetworksDB->open_ro();

    $localAccess = $ndb->local_access_spec();
    $localAccess =~  s/ /,/g;
    $localAccess =~ s:/: :g; 
       my @LocalAccess = split(/,/, $localAccess);

        foreach $rec (@LocalAccess)
                {
                next if $rec eq "127.0.0.1";
                $rec= ($rec=~ /[.\d]+ [.\d]+/ )? $rec : "$rec 255.255.255.255";
                $OUT .= "subnet $rec \n";
                }

    #$OUT .= "subnet $localAccess \n";

# subnet for external access

    my $validFrom = ${'httpd-admin'}{'ValidFrom'} || "disabled";
    if  ($validFrom ne "disabled")
	{
    	#$validFrom =~ s/,/ /g;
    	$validFrom =~ s:/: :g;
    	#$externalSSLAccess = $validFrom;
	my @externalSSLAccess = split(/,/, $validFrom);	
	
	foreach $rec (@externalSSLAccess)
		{
		$OUT .= "subnet $rec \n";

		}

	}


# subnet of external interface
	
	my $externalNet = ${'ExternalInterface'}{'IPAddress'};
	if (defined  $externalNet )
	{
	#$externalNet =~ s/[0-9]+$)/0/g; 
	$OUT .= "subnet ". ${'ExternalInterface'}{'IPAddress'} ." ". ${'ExternalInterface'}{'Netmask'} ." \n";
	}  

# subnet of adsl peer if(bandwidthd=service|remotePeers|enabled)
	

# also manually added (bandwidthd=service|subnet|172.16.0.0/12,192.168.0.0/16)
    my $subnet = $bandwidthd{'subnet'} || "disabled";
    if  ($subnet ne "disabled")
        {
        #$validFrom =~ s/,/ /g;
        #$subnet =~ s:/: :g;# here we ask to have a syntax with /24 so keeping the /
        #$externalSSLAccess = $validFrom;
        @externalSSLAccess = split(/,/, $subnet);

        foreach $rec (@externalSSLAccess)
                {
                $OUT .= "subnet $rec \n";

                }

        }


}
