summaryrefslogtreecommitdiff
path: root/share/man/man4/ipsec.4
diff options
context:
space:
mode:
Diffstat (limited to 'share/man/man4/ipsec.4')
-rw-r--r--share/man/man4/ipsec.47
1 files changed, 5 insertions, 2 deletions
diff --git a/share/man/man4/ipsec.4 b/share/man/man4/ipsec.4
index d7c1f5f1058..92ded5ababc 100644
--- a/share/man/man4/ipsec.4
+++ b/share/man/man4/ipsec.4
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ipsec.4,v 1.15 1999/02/23 03:49:51 angelos Exp $
+.\" $OpenBSD: ipsec.4,v 1.16 1999/02/24 23:33:23 angelos Exp $
.\" Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de>
.\" All rights reserved.
.\"
@@ -79,7 +79,10 @@ effect of multiple transactions being received by the peer. Consider the
attacker has got to know what the traffic is all about by other means than
cracking the encryption, and that the traffic causes events favourable for him,
like depositing money into his account. We need to make sure he cannot just
-replay that traffic later.
+replay that traffic later. WARNING: as per the standards specification, replay
+protection is not performed when using manual-keyed IPsec (e.g., when using
+.Xr ipsecadm 8
+).
.El
.Pp
.Tn IPSec