diff --git a/src/etc/inc/plugins.inc.d/unbound.inc b/src/etc/inc/plugins.inc.d/unbound.inc
index 6ebba069d..7db559f2b 100644
--- a/src/etc/inc/plugins.inc.d/unbound.inc
+++ b/src/etc/inc/plugins.inc.d/unbound.inc
@@ -661,39 +661,39 @@ function unbound_add_host_entries() file_put_contents('/var/unbound/host_entries.conf', $unbound_entries); } -function unbound_acls_config() +function unbound_acls_subnets() { global $config; - $aclcfg = "access-control: 127.0.0.1/32 allow\n"; - $aclcfg .= "access-control: ::1 allow\n"; - // Add our networks for active interfaces including localhost if (!empty($config['unbound']['active_interface'])) { $active_interfaces = array_flip(explode(",", $config['unbound']['active_interface'])); } else { $active_interfaces = get_configured_interface_with_descr(); } - $bindints = ""; + /* add our networks for active interfaces including localhost */ + $subnets = array('127.0.0.1/8', '::1/64'); + foreach ($active_interfaces as $ubif => $ifdesc) { - $ifip = get_interface_ip($ubif); - if (!empty($ifip)) { - $subnet_bits = get_interface_subnet($ubif); - $subnet_ip = gen_subnet($ifip, $subnet_bits); - if (!empty($subnet_bits) && !empty($subnet_ip)) { - $aclcfg .= "access-control: {$subnet_ip}/{$subnet_bits} allow\n"; - } - } - $ifip = get_interface_ipv6($ubif); - if (!empty($ifip)) { - $subnet_bits = get_interface_subnetv6($ubif); - $subnet_ip = gen_subnetv6($ifip, $subnet_bits); - if (!empty($subnet_bits) && !empty($subnet_ip)) { - $aclcfg .= "access-control: {$subnet_ip}/{$subnet_bits} allow\n"; - } + foreach (legacy_getall_interface_addresses(get_real_interface($ubif)) as $subnet) { + $subnets[] = $subnet; } } + return $subnets; +} + +function unbound_acls_config() +{ + global $config; + + $subnets = unbound_acls_subnets(); + $aclcfg = ''; + + foreach ($subnets as $subnet) { + $aclcfg .= "access-control: {$subnet} allow\n"; + } + // Configure the custom ACLs if (isset($config['unbound']['acls'])) { foreach ($config['unbound']['acls'] as $unbound_acl) { @@ -711,7 +711,6 @@ function unbound_acls_config() } } - // Write out Access list file_put_contents('/var/unbound/access_lists.conf', $aclcfg); } 
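Review bot: The seed list `array('127.0.0.1/8', '::1/64')` in unbound_acls_subnets() widens the automatic ACL beyond loopback. The IPv6 loopback is the single address `::1/128`, so `::1/64` produces an `access-control` entry covering the whole `::/64` block, where the removed code allowed only `::1`. I would write `$subnets = array('127.0.0.0/8', '::1/128');`, which also gives the IPv4 entry its network address. The inner loop drops the old `!empty($subnet_bits) && !empty($subnet_ip)` guards and appends whatever `legacy_getall_interface_addresses()` returns, which presumably includes alias and link-local addresses. It is worth confirming that every returned entry is a well-formed address/prefix, and that allowing all of them is intended, before unbound_acls_config() writes them to `/var/unbound/access_lists.conf`.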
diff --git a/src/www/services_unbound_acls.php b/src/www/services_unbound_acls.php index b676337ec..006011131 100644 --- a/src/www/services_unbound_acls.php +++ b/src/www/services_unbound_acls.php @@ -31,6 +31,7 @@ require_once("guiconfig.inc"); require_once("system.inc"); require_once("services.inc"); require_once("interfaces.inc"); +require_once("plugins.inc.d/unbound.inc"); $a_acls = &config_read_array('unbound', 'acls'); @@ -335,9 +336,6 @@ if (!isset($_GET['act'])) {
- - - @@ -345,40 +343,13 @@ if (!isset($_GET['act'])) { - $ifdesc) { - $ifip = get_interface_ip($ubif); - if (!empty($ifip)) { - $subnet_bits = get_interface_subnet($ubif); - $subnet_ip = gen_subnet($ifip, $subnet_bits); - if (!empty($subnet_bits) && !empty($subnet_ip)) { - $automatic_allowed[] = "{$subnet_ip}/{$subnet_bits}"; - } - } - $ifip = get_interface_ipv6($ubif); - if (!empty($ifip)) { - $subnet_bits = get_interface_subnetv6($ubif); - $subnet_ip = gen_subnetv6($ifip, $subnet_bits); - if (!empty($subnet_bits) && !empty($subnet_ip)) { - $automatic_allowed[] = "{$subnet_ip}/{$subnet_bits}"; - } - } - } - foreach ($automatic_allowed as $network):?> + - - - + + + - +