Add note about security concerns w/o a firewall but other machines

on your LAN to the "RUNNING NATD" introduction.

In a different way requested by:
PR:		18802
Submitted by:	Zachary K Drew <drew0054@tc.umn.edu>
This commit is contained in:
Alexander Langer 2000-06-26 14:52:39 +00:00
parent 27d19e4e41
commit 54c593c69c
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=62122

View File

@ -490,6 +490,14 @@ The second line depends on your interface (change ed0 as appropriate)
and assumes that you've updated
.Pa /etc/services
with the natd entry as above.
.Pp
You should be aware of the fact,
that with these firewall settings everyone on your local network
can fake his source-address using your box as gateway.
If there are other machines on your local network,
it is highly recommended to create firewall-rules that only allow traffic
from and to your own machines.
.Pp
If you specify real firewall rules,
it's best to specify line 2 at the start of the script so that
.Nm