Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 23 May 2000 16:23:10 -0500 (CDT)
From:      Zachary Drew <drew0054@tc.umn.edu>
To:        Stephen Montgomery-Smith <stephen@math.missouri.edu>
Cc:        "B. Carlson" <carls107@msu.edu>, stable@FreeBSD.ORG
Subject:   Re: One internet connection for many puters?
Message-ID:  <Pine.SOL.4.20.0005231616350.8753-100000@garnet.tc.umn.edu>
In-Reply-To: <392AF00A.3C4BAE43@math.missouri.edu>

next in thread | previous in thread | raw e-mail | index | archive | help


> 
> firewall_script="/etc/rc.firewall.mine"
> natd_flags="-s -m -u -dynamic"
> 

I highly recomend that you use the "-u" flag. If you don't someone on your
cable/dsl/etc subnet and possibly anywhere and the internet could use your
machine the same way you use it from your private network (i.e. they could
attack someone using you as the default gateway and it would appear to
come from you.) This actually should be in the man page.

> 
> One of the options I put on natd might require your local area network
> addresses to be 192.168.xxx.xxx, which is what I have.

the -u flag will allow 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16, not
just 192.168.0.0/16


Zach



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SOL.4.20.0005231616350.8753-100000>