| From: | Adrian Klaver <aklaver(at)comcast(dot)net> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Cc: | "Willy-Bas Loos" <willybas(at)gmail(dot)com> |
| Subject: | Re: open up firewall from "anywhere" to postgres ports? |
| Date: | 2009-03-07 21:41:18 |
| Message-ID: | 200903071341.18637.aklaver@comcast.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Saturday 07 March 2009 1:27:02 pm Willy-Bas Loos wrote:
> Hi,
>
> I have a very basic issue that i'd like to discuss
> I have just recieved a newly installed database server.
> I'm wondering if i should open up the ports to my two clusters 5432
> and 5433 from "Anywhere"?
> As an alternative, i could add each ip address both in the firewall
> and the pg_hba.conf.
>
> I feel that it's a stupid question, since there is pg_hba, which
> already does this work.
> Yet all the people that i know, do it in the firewall AND the pg_hba.conf.
>
> Is there any potential danger in opening up the firewall for those ports??
>
> cheers,
>
> WBL
>
> --
I may be misunderstanding but if you don't allow access to ports 5432 and 5433
in the firewall the packets will never get to the point that the rules in
pg_hba.conf apply. Also are you running two instances of Postgres listening on
different ports? Just trying to figure where the 5433 comes from.
--
Adrian Klaver
aklaver(at)comcast(dot)net
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Piotre Ugrumov | 2009-03-07 21:57:44 | Enable user access from remote host |
| Previous Message | Tom Lane | 2009-03-07 21:41:04 | Re: open up firewall from "anywhere" to postgres ports? |