Re: Acess Control !

It is read from up to down until specific criteria is true. It stops there
and doesn't read thru rest of the lines.
On Wed, Oct 4, 2017 at 06:41 Elson Vaz <elsonlei(at)gmail(dot)com> wrote:

> Good morning pinker,
>
>
> Thank you for approch, but i maked this teste:
>
> 1. Reject xpto connection from all adress and after acept xpto
> connection from this adress - result = work good (lock connection for
> xtpo come from other adress and acept from this adress)
>
>
> # TYPE DATABASE USER ADDRESS METHOD
>>
>> host xpto system 10.72.18.0/24
>> reject
>>
>> host xpto system 0.0.0.0/0
> reject
> host xpto system 10.75.15.60/32 md5
>
> host all all *0.0.0.0/0
> <http://0.0.0.0/0>* md5
>
>
>
> 1. acept xpto connection from especific adress and after reject
> from all connection - result = (acept all connection, that come from
> all adress )
>
>
>
> # TYPE DATABASE USER ADDRESS METHOD
>>
>>
>
> host xpto system 10.75.15.60/32 md5
>>
>>
>
> host all all *0.0.0.0/0
> <http://0.0.0.0/0>* md5
>
>
> host xpto system
> 10.72.18.0/24 reject
> host xpto system
> 0.0.0.0/0 reject
>
>
>
>
>
> So, maybe the read come from up to down? or have other explanation? i
> don't know, i use postgres 9.4.
>
> 2017-10-03 20:55 GMT-01:00 pinker <pinker(at)onet(dot)eu>:
>
>> be careful with order change. This proposed by Scott was correct; yours
>> will
>> reject all the connections made by user system to xpto. Documentation
>> says:
>>
>> > The first record with a matching connection type, client address,
>> > requested database, and user name is used to perform authentication.
>> There
>> > is no "fall-through" or "backup": if one record is chosen and the
>> > authentication fails, subsequent records are not considered.
>>
>>
>>
>>
>>
>> --
>> Sent from:
>> http://www.postgresql-archive.org/PostgreSQL-admin-f2076596.html
>>
>>
>> --
>> Sent via pgsql-admin mailing list (pgsql-admin(at)postgresql(dot)org)
>> To make changes to your subscription:
>> http://www.postgresql.org/mailpref/pgsql-admin
>>
>
> --
Thanks
Vasanth