Re: listen_addresses = '*' ok, specific address(es) no
| От | Phillip Smith |
|---|---|
| Тема | Re: listen_addresses = '*' ok, specific address(es) no |
| Дата | |
| Msg-id | 005401c690ef$d979f5f0$9b0014ac@ITPhil обсуждение исходный текст |
| Ответ на | Re: listen_addresses = '*' ok, specific address(es) no (Tom Lane <tgl@sss.pgh.pa.us>) |
| Список | pgsql-sql |
quote:
"The right way to limit incoming connections to only come *from*
particular IP addresses is to use pg_hba.conf."
Apologies Geoff - that would be the easier way rather than ipchains /
iptables.
-p
-----Original Message-----
From: pgsql-sql-owner@postgresql.org [mailto:pgsql-sql-owner@postgresql.org]
On Behalf Of Tom Lane
Sent: Friday, 16 June 2006 12:47 PM
To: Geoffrey Knauth
Cc: pgsql-sql@postgresql.org
Subject: Re: [SQL] listen_addresses = '*' ok, specific address(es) no
Geoffrey Knauth <geoff@knauth.org> writes:
> Andrew Sullivan wrote:
>> Well, do you actually have an interface with that address?
> I think I do, in that the machine's wireless interface is set up with
> a 192.168.1.x/24 address and 1.33 is on the same subnet. Or maybe
> I'm misunderstanding. I thought the purpose of listen_addresses was
> to allowing incoming connections only from listed addresses.
You're misunderstanding then. What listen_addresses can bind to is IP
addresses of *your own machine*. For example, if you bind to only
127.0.0.1 then only local loopback connections will work. Binding to
just one external IP address is only interesting if your machine has
more than one such address; then it prevents connections that're coming
in through one of the other addresses.
The right way to limit incoming connections to only come *from*
particular IP addresses is to use pg_hba.conf.
regards, tom lane
---------------------------(end of broadcast)---------------------------
TIP 5: don't forget to increase your free space map settings
*******************Confidentiality and Privilege Notice*******************
The material contained in this message is privileged and confidential to
the addressee. If you are not the addressee indicated in this message or
responsible for delivery of the message to such person, you may not copy
or deliver this message to anyone, and you should destroy it and kindly
notify the sender by reply email.
Information in this message that does not relate to the official business
of Weatherbeeta must be treated as neither given nor endorsed by Weatherbeeta.
Weatherbeeta, its employees, contractors or associates shall not be liable
for direct, indirect or consequential loss arising from transmission of this
message or any attachments
В списке pgsql-sql по дате отправления: