PostgreSQL and iptables
Hi there,
I am trying to install a postgres cluster in a XenSever VM: I did not have
any difficulties in compiling, installing and starting the DB. The problem
is that I can not access to this db from an external machine: I tried to
configure port forwarding through iptables as well as I did for ssh
connections (ssh is working correctly).
Actually I do not have psql in XenServer host, I am using a third server and
this is iptables rules I am trying:
iptables -t nat -A PREROUTING -p tcp --dport 5997 -j DNAT --to-destination
10.0.0.4:5997
I also triet do scan port by nmap and I received this output:
nmap -p 5997 pippo.eu
Starting Nmap 5.00 ( http://nmap.org ) at 2015-06-12 16:38 CEST
Interesting ports on pippo.eu (xxx.xxx.xxx.xxx):
PORT STATE SERVICE
5997/tcp filtered ncd-pref
This is psql output:
psql -p 5997 -h pippo.eu
psql: could not connect to server: No route to host
Is the server running on host "pippo.eu" (xxx.xxx.xxx.xxx) and
accepting
TCP/IP connections on port 5997?
Port 5997 is open in virtual machine and accept connections.
Can anyone help me? I'm going crazy.... :(
Thanks in advance.
Meph
--
View this message in context: http://postgresql.nabble.com/PostgreSQL-and-iptables-tp5853587.html
Sent from the PostgreSQL - general mailing list archive at Nabble.com.
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
The default port for PostgreSQL is 5432.
To allow external ip access, you need to specifcally add the ip's to the
pg_hba.conf on the PostgreSQL server
and then reload the PostgreSQL cluster. IE: pg_ctl reload
On Fri, Jun 12, 2015 at 10:58 AM, mephysto <mephystoonhell@gmail.com> wrote:
Hi there,
I am trying to install a postgres cluster in a XenSever VM: I did not have
any difficulties in compiling, installing and starting the DB. The problem
is that I can not access to this db from an external machine: I tried to
configure port forwarding through iptables as well as I did for ssh
connections (ssh is working correctly).Actually I do not have psql in XenServer host, I am using a third server
and
this is iptables rules I am trying:iptables -t nat -A PREROUTING -p tcp --dport 5997 -j DNAT --to-destination
10.0.0.4:5997I also triet do scan port by nmap and I received this output:
nmap -p 5997 pippo.eu
Starting Nmap 5.00 ( http://nmap.org ) at 2015-06-12 16:38 CEST
Interesting ports on pippo.eu (xxx.xxx.xxx.xxx):
PORT STATE SERVICE
5997/tcp filtered ncd-prefThis is psql output:
psql -p 5997 -h pippo.eu
psql: could not connect to server: No route to host
Is the server running on host "pippo.eu" (xxx.xxx.xxx.xxx) and
accepting
TCP/IP connections on port 5997?Port 5997 is open in virtual machine and accept connections.
Can anyone help me? I'm going crazy.... :(
Thanks in advance.
Meph
--
View this message in context:
http://postgresql.nabble.com/PostgreSQL-and-iptables-tp5853587.html
Sent from the PostgreSQL - general mailing list archive at Nabble.com.--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
--
*Melvin Davidson*
I reserve the right to fantasize. Whether or not you
wish to share my fantasy is entirely up to you.
I am sorry, I forgot to say that port of my database in postgresql.conf is
setted to 5997.
Byem
Meph
On 12 June 2015 at 17:10, Melvin Davidson <melvin6925@gmail.com> wrote:
Show quoted text
The default port for PostgreSQL is 5432.
To allow external ip access, you need to specifcally add the ip's to the
pg_hba.conf on the PostgreSQL server
and then reload the PostgreSQL cluster. IE: pg_ctl reloadOn Fri, Jun 12, 2015 at 10:58 AM, mephysto <mephystoonhell@gmail.com>
wrote:Hi there,
I am trying to install a postgres cluster in a XenSever VM: I did not have
any difficulties in compiling, installing and starting the DB. The problem
is that I can not access to this db from an external machine: I tried to
configure port forwarding through iptables as well as I did for ssh
connections (ssh is working correctly).Actually I do not have psql in XenServer host, I am using a third server
and
this is iptables rules I am trying:iptables -t nat -A PREROUTING -p tcp --dport 5997 -j DNAT --to-destination
10.0.0.4:5997I also triet do scan port by nmap and I received this output:
nmap -p 5997 pippo.eu
Starting Nmap 5.00 ( http://nmap.org ) at 2015-06-12 16:38 CEST
Interesting ports on pippo.eu (xxx.xxx.xxx.xxx):
PORT STATE SERVICE
5997/tcp filtered ncd-prefThis is psql output:
psql -p 5997 -h pippo.eu
psql: could not connect to server: No route to host
Is the server running on host "pippo.eu" (xxx.xxx.xxx.xxx) and
accepting
TCP/IP connections on port 5997?Port 5997 is open in virtual machine and accept connections.
Can anyone help me? I'm going crazy.... :(
Thanks in advance.
Meph
--
View this message in context:
http://postgresql.nabble.com/PostgreSQL-and-iptables-tp5853587.html
Sent from the PostgreSQL - general mailing list archive at Nabble.com.--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general--
*Melvin Davidson*
I reserve the right to fantasize. Whether or not you
wish to share my fantasy is entirely up to you.
You also did not state which O/S you are working with or which version of
PostgreSQL you are using.
In either case, you still need to update the pg_hba.conf file and then
reload.
http://www.postgresql.org/docs/9.1/static/auth-pg-hba-conf.html
On Fri, Jun 12, 2015 at 11:32 AM, Mephysto <mephystoonhell@gmail.com> wrote:
I am sorry, I forgot to say that port of my database in postgresql.conf is
setted to 5997.Byem
Meph
On 12 June 2015 at 17:10, Melvin Davidson <melvin6925@gmail.com> wrote:
The default port for PostgreSQL is 5432.
To allow external ip access, you need to specifcally add the ip's to the
pg_hba.conf on the PostgreSQL server
and then reload the PostgreSQL cluster. IE: pg_ctl reloadOn Fri, Jun 12, 2015 at 10:58 AM, mephysto <mephystoonhell@gmail.com>
wrote:Hi there,
I am trying to install a postgres cluster in a XenSever VM: I did not
have
any difficulties in compiling, installing and starting the DB. The
problem
is that I can not access to this db from an external machine: I tried to
configure port forwarding through iptables as well as I did for ssh
connections (ssh is working correctly).Actually I do not have psql in XenServer host, I am using a third server
and
this is iptables rules I am trying:iptables -t nat -A PREROUTING -p tcp --dport 5997 -j DNAT
--to-destination
10.0.0.4:5997I also triet do scan port by nmap and I received this output:
nmap -p 5997 pippo.eu
Starting Nmap 5.00 ( http://nmap.org ) at 2015-06-12 16:38 CEST
Interesting ports on pippo.eu (xxx.xxx.xxx.xxx):
PORT STATE SERVICE
5997/tcp filtered ncd-prefThis is psql output:
psql -p 5997 -h pippo.eu
psql: could not connect to server: No route to host
Is the server running on host "pippo.eu" (xxx.xxx.xxx.xxx) and
accepting
TCP/IP connections on port 5997?Port 5997 is open in virtual machine and accept connections.
Can anyone help me? I'm going crazy.... :(
Thanks in advance.
Meph
--
View this message in context:
http://postgresql.nabble.com/PostgreSQL-and-iptables-tp5853587.html
Sent from the PostgreSQL - general mailing list archive at Nabble.com.--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general--
*Melvin Davidson*
I reserve the right to fantasize. Whether or not you
wish to share my fantasy is entirely up to you.
--
*Melvin Davidson*
I reserve the right to fantasize. Whether or not you
wish to share my fantasy is entirely up to you.
Melvin Davidson wrote on Friday, June 12, 2015 5:10 PM:
To allow external ip access, you need to specifcally add the ip's to the pg_hba.conf on the PostgreSQL server
and then reload the PostgreSQL cluster. IE: pg_ctl reload
Generally, yes. But the original poster’s error message said “No route to host,” this is not pg_hba.conf-related.
Mephysto will have to look into how routing is configured on his machine. (I doubt it’s a firewall issue either – with those you more likely get no response at all.)
Cheers,
Holger Friedrich
Thank you Holger,
any suggestions?
I'm using the same settings used for ssh connection to vm, and these work
correctly....
Bye.
Meph
Il 12/giu/2015 17:37, <Holger.Friedrich-Fa-Trivadis@it.nrw.de> ha scritto:
Show quoted text
Melvin Davidson wrote on Friday, June 12, 2015 5:10 PM:
To allow external ip access, you need to specifcally add the ip's to
the pg_hba.conf on the PostgreSQL server
and then reload the PostgreSQL cluster. IE: pg_ctl reload
Generally, yes. But the original poster’s error message said “No route to
host,” this is not pg_hba.conf-related.Mephysto will have to look into how routing is configured on his machine.
(I doubt it’s a firewall issue either – with those you more likely get no
response at all.)Cheers,
Holger Friedrich
El 13/06/15 a las 10:58, Mephysto escribió:
Thank you Holger,
any suggestions?I'm using the same settings used for ssh connection to vm, and these
work correctly....Bye.
Meph
Hello
Are PosgreSQL listening in the IP of the machine with (for example):
listen_addresses = '*' # what IP address(es) to listen on;
Instead:
listen_addresses = 'localhost' # what IP address(es) to listen on;
That is the default.
Best
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
Many thanks to all, I resolved my issue. A rules has lacked in iptables, like
this:
iptables -A INPUT -p tcp --dport 5997 -j ACCEPT
Bye.
Meph
--
View this message in context: http://postgresql.nabble.com/PostgreSQL-and-iptables-tp5853587p5854028.html
Sent from the PostgreSQL - general mailing list archive at Nabble.com.
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general