Обсуждение: Closing 5432 to the outside

Поиск
Список
Период
Сортировка

Closing 5432 to the outside

От
Aarni Ruuhimäki / Megative Tmi
Дата:
Hi folks !

How can I close pgsql port to the outside ? I am accessing pg-databases only
from (the local net and) the server itself via coldfusion so the port does
not have to be visible to eth0 ?

How can I do this ? Is there a start option for this ? I vaguely remember
having seen something about it somewhere but could not find in docs.

Any hint or insight / explanation into this would be greatly appreciated.

Thanks in advance,

aarni

I am running RH 7.1 and PG 7.0

Re: Closing 5432 to the outside

От
Mo Holkar
Дата:
If you start postmaster without the -i switch, that should prevent access
from anywhere non-local.

(Or if you want to be more selective, edit your pg_hba.conf file, which
controls what IP addresses are or aren't allowed to access, and under what
conditions.)

best,

Mo

At 16:41 28/09/01, you wrote:
>Hi folks !
>
>How can I close pgsql port to the outside ? I am accessing pg-databases only
>from (the local net and) the server itself via coldfusion so the port does
>not have to be visible to eth0 ?
>
>How can I do this ? Is there a start option for this ? I vaguely remember
>having seen something about it somewhere but could not find in docs.
>
>Any hint or insight / explanation into this would be greatly appreciated.
>
>Thanks in advance,
>
>aarni
>
>I am running RH 7.1 and PG 7.0
>
>
>---------------------------(end of broadcast)---------------------------
>TIP 3: if posting/reading through Usenet, please send an appropriate
>subscribe-nomail command to majordomo@postgresql.org so that your
>message can get through to the mailing list cleanly

Re: Closing 5432 to the outside

От
harrold@sage.che.pitt.edu
Дата:
Sometime in September Aarni Ruuhim�ki / Megative Tmi assaulted keyboard
and...

|Hi folks !
|
|How can I close pgsql port to the outside ? I am accessing pg-databases only
|from (the local net and) the server itself via coldfusion so the port does
|not have to be visible to eth0 ?
|
|How can I do this ? Is there a start option for this ? I vaguely remember
|having seen something about it somewhere but could not find in docs.
|
|Any hint or insight / explanation into this would be greatly appreciated.
|
|Thanks in advance,
|
|aarni
|
|I am running RH 7.1 and PG 7.0
|

since you are running redhat you could use the firewalling software to
block external access to that port using iptables i believe.

--
john

"You have new mail, you open it. Your server begins port
scanning every box on the internet.  Do the server's mind?
Of course not, they have nothing better to do."
- New Microsoft Ad?