diff options
author | alex <alex@FreeBSD.org> | 2000-06-26 14:52:39 +0000 |
---|---|---|
committer | alex <alex@FreeBSD.org> | 2000-06-26 14:52:39 +0000 |
commit | 3ff7ddfcc8353275f98af60103e8a9461b7ffc6e (patch) | |
tree | 9769db6dbbab91548e7759e8817e92861c6f5e75 /sbin | |
parent | 9c7df143c8a591b6b93c53b2c73296bfa6f3ac05 (diff) | |
download | FreeBSD-src-3ff7ddfcc8353275f98af60103e8a9461b7ffc6e.zip FreeBSD-src-3ff7ddfcc8353275f98af60103e8a9461b7ffc6e.tar.gz |
Add note about security concerns w/o a firewall but other machines
on your LAN to the "RUNNING NATD" introduction.
In a different way requested by:
PR: 18802
Submitted by: Zachary K Drew <drew0054@tc.umn.edu>
Diffstat (limited to 'sbin')
-rw-r--r-- | sbin/natd/natd.8 | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/sbin/natd/natd.8 b/sbin/natd/natd.8 index f23df75..eafa573 100644 --- a/sbin/natd/natd.8 +++ b/sbin/natd/natd.8 @@ -490,6 +490,14 @@ The second line depends on your interface (change ed0 as appropriate) and assumes that you've updated .Pa /etc/services with the natd entry as above. +.Pp +You should be aware of the fact, +that with these firewall settings everyone on your local network +can fake his source-address using your box as gateway. +If there are other machines on your local network, +it is highly recommended to create firewall-rules that only allow traffic +from and to your own machines. +.Pp If you specify real firewall rules, it's best to specify line 2 at the start of the script so that .Nm |