How to configure postgresql postgresql.conf listen_addresses for multiple IPs

Question

How to configure postgresql postgresql.conf listen_addresses for multiple IPs

I can normally connect to the remote postgresql server, which has restrictions on connecting to several IP addresses in the pg_hba.conf file , but is this enough if the listen_addresses postgresql.conf listen_addresses set to "*" ?

These files indicate that this option can accept a comma-separated list of IP addresses, but if I do, I will lose the ability to remotely connect.

postgresql-8.4.9 rhel

+51

postgresql

chrismarx Mar 19 '12 at 2:01

source share

2 answers

Setting listen_addresses to '*' is normal, as dbenhur points out. You can also use tools like iptables to restrict access to the port separately from some remote IP addresses. You can do both: redundancy in security is not necessarily bad (although relying on IP address security is not so good).

+4

araqnid Mar 19 '12 at 11:34

source share

dbenhur · Accepted Answer · 2012-03-19 04:25

listen_addresses controls which IP addresses the server will respond to, and not which IP addresses the server will allow connections for authentication. It is quite reasonable and normal to use listen_addresses '*' so that the server accepts incoming connections on any ip assigned to the interface on the postgresql server, when using pg_hba.conf to control access at a lower level, for which the server will accept IP addresses for specific logins databases and users.

How to configure postgresql postgresql.conf listen_addresses for multiple IPs

More articles: