Changes between Version 22 and Version 23 of sysadminiptables


Ignore:
Timestamp:
Jun 23, 2009, 7:27:04 PM (13 years ago)
Author:
risard
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • sysadminiptables

    v22 v23  
    77[#Configuringiptables Configuring iptables][[BR]]
    88[#TestingYourConfig Testing Your Config][[BR]]
     9[#SpecialPostgresqlIssues Special Postgresql Issues][[BR]]
    910[#NecessaryPorts-DatabaseServer Necessary Ports - Database Server][[BR]]
    1011[#NecessaryPorts-Open-ilsServer Necessary Ports - Open-ils Server][[BR]]
     
    177178
    178179----
     180== Special Postgresql Issues ==
     181
     182with postgres, you also need to specifically allow remote hosts to access the server.
     183
     184To begin with, you need to tell postgres to listen for connections from other hosts rather then just the localhost (the default).
     185
     186As the postgres user, edit postgresql.conf:
     187
     188{{{
     189    sudo vim /etc/postgresql/8.3/main/postgresql.conf
     190}}}
     191
     192Change:
     193
     194{{{
     195    #listen_addresses = ‘localhost’
     196}}}
     197
     198to:
     199
     200{{{
     201    listen_addresses = ‘<ip address of oils server>’
     202}}}
     203
     204Next, edit pg_hba.conf:
     205
     206{{{
     207    sudo vim /etc/postgresql/8.3/main/pg_hba.conf
     208}}}
     209
     210and in the area marked "Put your actual configuration here," enter the following:
     211
     212{{{
     213    # Put your actual configuration here
     214    # ----------------------------------
     215    #
     216    # If you want to allow non-local connections, you need to add more
     217    # "host" records. In that case you will also need to make PostgreSQL listen
     218    # on a non-local interface via the listen_addresses configuration parameter,
     219    # or via the -i or -h command line switches.
     220    #
     221
     222    host    evergreen       evergreen       10.104.10.168/32      md5
     223}}}
     224
     225  ||connection type|| in this example, host is used.  This means postgres should be looking for a TCP connection (rather then a Unix socket connection for example)||
     226  ||database||the name evergreen is being used in this example||
     227  ||user||again, in our hypothetical example, evergreen is the username||
     228  ||address||the ip address or host name of the machine that's allowed to make a connection.  In real life, this would be the oils server address||
     229  ||authentication options||in this case md5 is used, meaning the password is encrypted||
     230
     231After editing and saving both files, you need to restart postgres.
     232
     233
     234----
    179235== References ==
    180236http://iptables-tutorial.frozentux.net/iptables-tutorial.html [[BR]]