I would like to limit PostgreSQL on what ports he allocates for client connections.
What I mean is having the server listening on 5432, when a connection comes in it will allocate a port to that connection, examples currently on my local test server are 61943, 61949, 61951, 61952, 61957, etc.
In a production server what happens is those client ports are around the high 30000s which is a problem since we have some services running on those, sometimes, before our service has a chance to start, a random client connection will steal the port from it.
How would I go about configuring what the client ports should be for PostgreSQL?
PostgreSQL does not have a way to change this, it's up to the Operating System.
If using a unix system you can tell the system not to reserve ports in the range of your application by doing this (x and y being the port numbers):
sysctl -w net.ipv4.ip_local_port_range="x y"
Edit /etc/sysctl.conf with your preferred text editor and add net.ipv4.ip_local_port_range = x y
Then to reload the file do sysctl -p
This will not kill ongoing connections on the old ports, so a reboot is suggested.
Related
When I start MongoDB using mongod.exe it displays a message like "waiting for connections on port 27017", but when I execute mongo.exe the log message is "connection accepted from 127.0.0.1:60501".
Now, when I use PyMongo to connect to the DB I assumed that the port number to be used is "60501" since this is the port where the connection was established. Surprisingly I got an error saying "connection refused". I thought there was some problem with my MongoDB installation, config file placement, etc.
When nothing fixed it, I just played around by changing the port number to 27017, and this actually fixed the problem. Can someone explain how this worked out?
This behaviour is not specific to MongoDB. As part of the TCP/IP client/server protocol, services listen on configured ports (typically with well known defaults like 27017 for mongod). Clients connect to a server port and also establish their own ephemeral/dynamic port to use for the duration of a client/server session.
Each active session from the same client IP will use a distinct port on the client. The ephemeral port is logged to identify different client connections as they are established.
The logging in your case might be slightly confusing since you are connecting from localhost (127.0.0.1) where the server is also running, but the correct port to connect to is the mongod server port (default: 27017).
I am running my postgres-9.2 on 6432 port and pgbouncer on 5432 port. Few of my colleagues client machines have the firewall connection permissions on 5432 port on server machine. But as a DB admin, I wanted to restrict some IP addresses from accessing the database.
But, though I block in the pg_hba.conf file, since the pgbouncer port is allowed, they are able to access.
I can block at the OS firewall level but I don't want to take the help of my system administrator. So, is there any way to restrict and deny IP addresses from accessing the pgbouncer as we generally do through pg_hba.conf for the postgresql.
Please suggest.
https://pgbouncer.github.io/2015/12/pgbouncer-1-7
Main changes from v1.6 are support for TLS connections, HBA control
file and authentication via unix peer uid.
So from 1.7 you have hba file, just like in vanil postgres. And thus filtering connections by IP is as easy.
Also you can use some tricks, dropping connections after they connected, as described in my other recent answer https://stackoverflow.com/a/46191949/5315974 but again - it is more a trick for urgently getting rid of connections. Using such tricks in while loop or as a job is generally a bad idea.
I have a Postgres database on a linux server. I have root access which in turn can give me access to the database. In Windows you get PGAdminIII, which I would love to use to connect to the Linux server. I heard that tunneling might be necessary. I am not sure if that is true, or what it is really. Can anyone shed some light on the easiest way to get access to the database?
Tunneling is not strictly necessary. As long as you have port 5432 not firewalled, you should be able to connect to your Linux PostgreSQL server without much trouble.
You can check this from your Windows box by using this command from cmd console:
telnet linuxbox 5432
If you get black screen (not an error), then everything looks good and port 5432 should be open. Note that on Windows 7 you may need to enable telnet client (it is disabled by default) using this command:
pkgmgr /iu:"TelnetClient"
If your server is not located in your local network, or if you are concerned about security like somebody using network sniffer to watch your traffic, you should configure SSL/TLS on your PostgreSQL server - it is not very difficult to do, and completely free when using self-signed certificate.
Note that by default Postgres on Linux does not listen on network interfaces, you may need to enable it by editing postgresql.conf.
Is there a dedicated port (lower than 1024) specifically for clients to send text based console output to a server? I've googled extensively but to no avail. What's the best port (lower than 1024) for sending text based console output if any?
A port is just a number. You can see well known port assignments in /etc/services.
You need a server application to be listening on the given port to accept your input. There are number of remote terminal protocols and their implementations, among which are Telnet (port 23) and Secure Shell, or SSH (port 22).
The simplest way to test your socket client is to setup netcat on the server to listen on whatever port you want (port is 777 in the example bellow), and then try to connect to it from somewhere else:
server:~# nc -l -p 777
then
client:~$ nc server 777
Note that on Unix you normally need super-user (root) rights to bind "privileged", i.e. bellow 1024, ports.
I'm going to use telnet (port 23) since that's closest to what I want. Sending console messages to a server from a client. okey dokey thanks!
I have created an application in delphi and backend is postgres when i run the application i get the following error
general sql error.could not connect to the server;no
connection could be made because the target machine actively refused
it.[127.0.0.1:1:5433 alias resumep
I uninstalled it and installed it again but it didnt work.Even i changed the port number while installing .
I changed the password and installed again but its giving same error
what is the solution to this problem?
The database cluster of a standard PostgreSQL installation is listening on port 5432. (You can, of course, set up additional db clusters on different ports or configure your database cluster to listen on any other port.)
Any particular reason you try 5433? This is probably the cause of your problem.
If no server is listening on port 5433, the connection is simply not possible.