Merge pull request #92799 from JoeAldinger/OSDOCS-14395

OSDOCS-14395:adds note about legacy behavior for nil selector in netpol

Author: JoeAldinger

modules/nw-networkpolicy-about.adoc

@@ -10,13 +10,16 @@ By default, all pods in a project are accessible from other pods and network end
 
 If a pod is matched by selectors in one or more `NetworkPolicy` objects, then the pod will accept only connections that are allowed by at least one of those `NetworkPolicy` objects. A pod that is not selected by any `NetworkPolicy` objects is fully accessible.
 
-A network policy applies to only the TCP, UDP, ICMP, and SCTP protocols. Other protocols are not affected.
+
+A network policy applies to only the Transmission Control Protocol (TCP), User Datagram Protocol (UDP), Internet Control Message Protocol (ICMP), and Stream Control Transmission Protocol (SCTP) protocols. Other protocols are not affected.
 
 [WARNING]
 ====
-Network policy does not apply to the host network namespace. Pods with host networking enabled are unaffected by network policy rules. However, pods connecting to the host-networked pods might be affected by the network policy rules.
+* A network policy does not apply to the host network namespace. Pods with host networking enabled are unaffected by network policy rules. However, pods connecting to the host-networked pods might be affected by the network policy rules.
+
+* Using the `namespaceSelector` field without the `podSelector` field set to `{}` will not include `hostNetwork` pods. You must use the `podSelector` set to `{}` with the `namespaceSelector` field in order to target `hostNetwork` pods when creating network policies.
 
-Network policies cannot block traffic from localhost or from their resident nodes.
+* Network policies cannot block traffic from localhost or from their resident nodes.
 ====
 
 The following example `NetworkPolicy` objects demonstrate supporting different scenarios: