Hi,
I am having problem in configuring iptables for PostgreSQL server. I added following rule to iptables to allow connections to default PostgreSQL port (5432): {{{ sudo /sbin/iptables -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 10.0.0.0/24 --dport 5432 -j ACCEPT }}}
After this I can't connect using telnet or psql (postgres client). Following error is received from telnet on MacOS and CentOS: {{{ MacOS$ telnet 10.0.0.12 5432 Trying 10.0.0.12… telnet: connect to address 10.0.0.12: Connection refused telnet: Unable to connect to remote host }}}
{{{ CentOS$ telnet 10.0.0.12 5432 Trying 10.0.0.12... telnet: connect to address 10.0.0.12: No route to host }}}
I tried removing source address constraint and to allow connections from all hosts, however that didn't make any difference.
* The connection works fine when I stop iptables firewall.
I am sure there is no rule before this 5432 rule which is refusing connections. The PostgreSQL server is running and accepting localhost connections. Also, hosts.allow and hosts.deny file are not refusing connections. Any help on what might be wrong?
-- Thanks, CS
There was a rule above this 5432 blocking connections. Somehow I missed it and noticed it only after posting this message. Fixed and it's working now.
-- Thanks, CS
On Tue, Aug 31, 2010 at 8:09 PM, Carlos S neubyr@gmail.com wrote:
Hi,
I am having problem in configuring iptables for PostgreSQL server. I added following rule to iptables to allow connections to default PostgreSQL port (5432): {{{ sudo /sbin/iptables -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 10.0.0.0/24 --dport 5432 -j ACCEPT }}}
After this I can't connect using telnet or psql (postgres client). Following error is received from telnet on MacOS and CentOS: {{{ MacOS$ telnet 10.0.0.12 5432 Trying 10.0.0.12… telnet: connect to address 10.0.0.12: Connection refused telnet: Unable to connect to remote host }}}
{{{ CentOS$ telnet 10.0.0.12 5432 Trying 10.0.0.12... telnet: connect to address 10.0.0.12: No route to host }}}
I tried removing source address constraint and to allow connections from all hosts, however that didn't make any difference.
- The connection works fine when I stop iptables firewall.
I am sure there is no rule before this 5432 rule which is refusing connections. The PostgreSQL server is running and accepting localhost connections. Also, hosts.allow and hosts.deny file are not refusing connections. Any help on what might be wrong?
-- Thanks, CS
-
Carlos S