From 0a892f4a8a5d772f109b55c76e18271b77f9b273 Mon Sep 17 00:00:00 2001 From: alex Date: Mon, 26 Jun 2000 14:52:39 +0000 Subject: [PATCH] Add note about security concerns w/o a firewall but other machines on your LAN to the "RUNNING NATD" introduction. In a different way requested by: PR: 18802 Submitted by: Zachary K Drew --- sbin/natd/natd.8 | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/sbin/natd/natd.8 b/sbin/natd/natd.8 index f23df75faf4a..eafa573c0192 100644 --- a/sbin/natd/natd.8 +++ b/sbin/natd/natd.8 @@ -490,6 +490,14 @@ The second line depends on your interface (change ed0 as appropriate) and assumes that you've updated .Pa /etc/services with the natd entry as above. +.Pp +You should be aware of the fact, +that with these firewall settings everyone on your local network +can fake his source-address using your box as gateway. +If there are other machines on your local network, +it is highly recommended to create firewall-rules that only allow traffic +from and to your own machines. +.Pp If you specify real firewall rules, it's best to specify line 2 at the start of the script so that .Nm