Option to disable traffic to RFC 1918 ranges

[riptl]

Instructions

Add a flag or config option like --no-private-ipv4 to Flow daemon. Polkadot and other Subtrate-based protocols have this flag to prevent libp2p peer discovery from trying to connect to RFC 1918 ranges.

Issue To Be Solved

Hetzner is really strict when it comes to traffic to RFC 1918 private network ranges. Recently, our flow nodes have been generating traffic to hundreds of unroutable IPs in private network ranges. Hetzner mistook this for a port scan and pulled the plug on our servers after two hours.

As a short term fix, we patched in firewall rules that prevent outgoing packets to the affected network ranges.