我可以很好地连接到远程Postgresql服务器,该服务器对 pg_hba.conf 中的几个IP有连接限制,但是如果您有 listen_addresses 就足够了是在 postgresql.conf 文件中将code>设置为 * 吗?
I can connect just fine to a remote postgresql server that has connection restrictions to a few IPs in the pg_hba.conf, but is this enough if you have listen_addresses set to "*" in the postgresql.conf file?
该文件表明该参数可以使用逗号分隔的IP地址列表,但是如果这样做,我将失去远程连接的能力。
That files indicates that that parameter can take a comma separated list of ip addresses, but if i do that, I lose the ability to connect remotely.
postgresql-8.4.9 rhel
postgresql-8.4.9 rhel
推荐答案
listen_addresses 控制哪个IP地址。服务器将应答,而不是服务器允许连接进行身份验证的IP。使用 listen_addresses'*'是完全合理和正常的,因此服务器将在使用pg_hba.conf 可以在更细粒度的级别上控制服务器将接受的IP地址登录特定数据库和用户。
listen_addresses controls which IPs the server will answer on, not which IPs the server will permit connections to authenticate from. It's entirely reasonable and normal to use listen_addresses '*' so the server will accept incoming connections on any ip assigned to an interface on the postgresql server host, while using pg_hba.conf to control access at a finer grained level for which IPs the server will accept logins from for specific databases and users.
更多推荐
如何为多个IP地址配置postgresql postgresql.conf listen
发布评论