| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Geoffrey Knauth <geoff(at)knauth(dot)org> |
| Cc: | pgsql-sql(at)postgresql(dot)org |
| Subject: | Re: listen_addresses = '*' ok, specific address(es) no |
| Date: | 2006-06-16 02:46:48 |
| Message-ID: | 12217.1150426008@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-sql |
Geoffrey Knauth <geoff(at)knauth(dot)org> writes:
> Andrew Sullivan wrote:
>> Well, do you actually have an interface with that address?
> I think I do, in that the machine's wireless interface is set up with
> a 192.168.1.x/24 address and 1.33 is on the same subnet. Or maybe
> I'm misunderstanding. I thought the purpose of listen_addresses was
> to allowing incoming connections only from listed addresses.
You're misunderstanding then. What listen_addresses can bind to is IP
addresses of *your own machine*. For example, if you bind to only
127.0.0.1 then only local loopback connections will work. Binding to
just one external IP address is only interesting if your machine has
more than one such address; then it prevents connections that're coming
in through one of the other addresses.
The right way to limit incoming connections to only come *from*
particular IP addresses is to use pg_hba.conf.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Phillip Smith | 2006-06-16 02:49:16 | Re: listen_addresses = '*' ok, specific address(es) no (.... and a thread hi-jack!) |
| Previous Message | Aaron Bono | 2006-06-16 02:26:57 | Re: Repetitive code |