Add note about security concerns w/o a firewall but other machines

on your LAN to the "RUNNING NATD" introduction. In a different way requested by: PR: 18802 Submitted by: Zachary K Drew <drew0054@tc.umn.edu>
author: alex <alex@FreeBSD.org> 2000-06-26 14:52:39 +0000
committer: alex <alex@FreeBSD.org> 2000-06-26 14:52:39 +0000
commit: 3ff7ddfcc8353275f98af60103e8a9461b7ffc6e (patch)
tree: 9769db6dbbab91548e7759e8817e92861c6f5e75 /sbin/natd/natd.8
parent: 9c7df143c8a591b6b93c53b2c73296bfa6f3ac05 (diff)
download: FreeBSD-src-3ff7ddfcc8353275f98af60103e8a9461b7ffc6e.zip
FreeBSD-src-3ff7ddfcc8353275f98af60103e8a9461b7ffc6e.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/sbin/natd/natd.8 b/sbin/natd/natd.8
index f23df75..eafa573 100644
--- a/sbin/natd/natd.8
+++ b/sbin/natd/natd.8
@@ -490,6 +490,14 @@ The second line depends on your interface (change ed0 as appropriate)
 and assumes that you've updated
 .Pa /etc/services
 with the natd entry as above.
+.Pp
+You should be aware of the fact,
+that with these firewall settings everyone on your local network
+can fake his source-address using your box as gateway.
+If there are other machines on your local network,
+it is highly recommended to create firewall-rules that only allow traffic
+from and to your own machines.
+.Pp
 If you specify real firewall rules,
 it's best to specify line 2 at the start of the script so that
 .Nm
author	alex <alex@FreeBSD.org>	2000-06-26 14:52:39 +0000
committer	alex <alex@FreeBSD.org>	2000-06-26 14:52:39 +0000
commit	3ff7ddfcc8353275f98af60103e8a9461b7ffc6e (patch)
tree	9769db6dbbab91548e7759e8817e92861c6f5e75 /sbin/natd/natd.8
parent	9c7df143c8a591b6b93c53b2c73296bfa6f3ac05 (diff)
download	FreeBSD-src-3ff7ddfcc8353275f98af60103e8a9461b7ffc6e.zip FreeBSD-src-3ff7ddfcc8353275f98af60103e8a9461b7ffc6e.tar.gz