Re: Acess Control !

Thank you my friend, it's work good,

but i changed the position of reject, like that:

# TYPE DATABASE USER ADDRESS METHOD
>
host xpto system 10.72.18.0/24 reject
>
host xpto system 0.0.0.0/0
reject

> host xpto system 10.75.15.60/32 md5
>
>

thank again.

2017-10-03 14:01 GMT-01:00 Scott Mead <scottm(at)openscg(dot)com>:

>
>
> On Tue, Oct 3, 2017 at 10:56 AM, Elson Vaz <elsonlei(at)gmail(dot)com> wrote:
>
>> thank you David J.,
>>
>> But how i can do this?
>> for exemple i did this configuration, but is wroge.
>>
>> # TYPE DATABASE USER ADDRESS METHOD
>> host xpto system 10.75.15.60/32 md5
>> host xpto system 10.72.18.0/24
>> reject
>>
> host xpto system 0.0.0.0/0
> reject
>
> Make sure to reload the DB when done.
>
> --Scott
>
>
>>
>>
>> i want that user *system, *only conect to xpto database if it come from
>> 10.75.15.60, but if this user *"system" *come from another adress i want
>> reject this connection, it's possible?
>>
>>
>>
>>
>>
>> 2017-10-03 13:03 GMT-01:00 David G. Johnston <david(dot)g(dot)johnston(at)gmail(dot)com>
>> :
>>
>>> On Tue, Oct 3, 2017 at 6:46 AM, Elson Vaz <elsonlei(at)gmail(dot)com> wrote:
>>>
>>>> gentlemen,
>>>>
>>>> i have one system that conect with one specific user to data base, so i
>>>> want block acess for this user only if he come from the aplication server.
>>>>
>>>> ​
>>> https://www.postgresql.org/docs/9.6/static/client-authentication.html
>>>
>>> The pg_hba.conf file is going to be required since you want the access
>>> to be conditional on the machine and grant/revoke cannot do that.
>>>
>>> David J.
>>> ​
>>>
>>
>>
>
>
> --
> --
> Scott Mead
> Sr. Architect
> *OpenSCG <http://openscg.com>*
> http://openscg.com
>