I hope the RFC1918 check is already made. If not it could be added. As I wrote before, there have been reasonable checks in place but people here have asked them to be removed because they wanted to do what the checks prevented. (like setting up a gateway with external address in net-44)
Maybe if the portal can flags specific issues, it could can then display additional options like say:
- RFC1918 address space (10.x.x.x/8, 172.16.x.x/12, 192.168.x.x/16) is not an allowed gateway address as it's non-routable over the Internet
- Specifying a 44.x.x.x address for a gateway is illegal except for very limited situations (this 44.x.x.x gateways address is BGP hosted and you still want access to the IP-IP tunneled system)
- IPv6 address space is not supported today
- etc
then under all that, offer a "bypass checks" option to let them do things anyway?
--David KI6ZHD