I am a newbie to connections. I ran the following command on my ubuntu server:
lsof -nP -iTCP -sTCP:LISTEN
and this came up, among other connections:
postgres 29826 postgres 7u IPv6 192275 0t0 TCP [::1]:5432 (LISTEN)
postgres 29826 postgres 8u IPv4 192276 0t0 TCP 127.0.0.1:5432 (LISTEN)
I am configuring my "ufw" firewall and trying to understand what is connecting to my server. Question is the following:
Is this connecting in some way to the internet? I am assuming it is not, since the IP address is local. Another question, is there a command to check only incoming and outcoming connections to the internet? Somewhat simplified so I can understand it better?
Thank you very much
You are right, that server is only listening on the loopback interface.
You'll have to change the listen_addresses parameter and restart PostgreSQL.
Related
i actually use a dbeaver client which executes a pg_dump command
on a remote server. The command starts exactly like that :
pg_dump --verbose --host=127.0.0.1 --port=47855 --username=user-accounet..
i dont't know how dbeaver creates ssh tunnel (it uses a bastion)
but, it is not the question.
the question is : when i excute the command below..
lsof -i -P -n | grep pg_dump
i get this :
pg_dump 14144 parcss-alexco 3u IPv4 397966 0t0 TCP 127.0.0.1:35978->127.0.0.1:47855 (ESTABLISHED)
what is this adress ip : 35978 ?
what kind of binding 35978 --> 47855 means ?
Does it concern a remote ip adresse ? local ?
i'd like to understand..
A TCP connection is between to sockets. A fully specified socket has an IP address and a port number.
pg_dump uses port 47855 on 127.0.0.1 for the remote socket for the connection, but what about the socket on the other end? The IP address is clear, but what is the port number? Since the socket is not explicitly bound to a certain port with bind(2), connect(2) will assign an “ephemeral port” number. This happens to be 35978 in your case.
I have followed all the advice I've found online, but I can't seem to get this to work.
Background:
I have setup Postgresql 9.6 on a server running RHEL 6.8. I am trying to remotely connect to this server's Postgresql service from a client running Linux Mint 17.3.
What I've tried:
1) In postgresql.conf, I added these two lines:
listen_addresses = '*'
port = 5432
2) In pg_hba.conf, I added this line:
host all all 0.0.0.0/0 md5
3) Restarted postgresql server afterwards:
service postgresql-9.6 restart
4) Added rule to firewall to allow connections to port 5432 just in case:
iptables -A INPUT -s 0/0 -p tcp --dport 5432 -j ACCEPT
5) Ran netstat -tulpn | grep 5432 and got this output:
tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN 2625/postmaster
tcp 0 0 ::::5432 :::* LISTEN 2625/postmaster
Here is the command I ran to connect to my server from the client:
psql -h my_host_name -d my_database_name -U postgres
And I got the following output:
psql: could not connect to server: Connection timed out
Is the server running on host "my_host_name" (my_ip_address) and accepting
TCP/IP connections on port 5432?
Question:
What else can I do to further troubleshoot this issue?
Turns out there was another firewall on our network that I wasn't taking into account. To anybody else dealing with this issue, make sure that you are absolutely sure that you are not dealing with a firewall.
When I run netstat -a | findstr :5432 I get:
TCP 0.0.0.0:5432 PDDV-Answers:0 LISTENING
TCP 127.0.0.1:5432 PDDV-Answers:53925 ESTABLISHED
...
TCP 127.0.0.1:53931 PDDV-Answers:5432 ESTABLISHED
TCP [::]:5432 PDDV-Answers:0 LISTENING
Is the postgres DB on this server listening for remote connections on 5432?
I was expecting something like:
TCP 0.0.0.0:5432 *.*:0 LISTENING
My settings in postgres have all been enabled for remote connections and listening. and I think my firewall rule in is place - yet I can't remote telnet to the server on 5432 (local telnet to it works), or establish a database connection from my remote server which is my ultimate objective.
Craig Ringer was correct. The system is listening fine. There was a corporate firewall which was blocking access into the server.
In addition I needed to add additional access rules via the pg_hba.conf file for the servers own IP number
host all all a.b.c.d/32 md5
To allow it to connect to itself via Telnet. That was how I proved it was a corporate firewall problem
This question already has answers here:
Connection refused (PGError) (postgresql and rails)
(6 answers)
Closed 9 years ago.
I am trying to connect postgresql but I am getting this error.
org.postgresql.util.PSQLException: Connection refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.
My pg_hba.conf file is like this.
TYPE DATABASE USER CIDR-ADDRESS METHOD
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
I would be much obliged if anyone please be so kind enough to explain whats hoing on here and how should I correct it.
The error you quote has nothing to do with pg_hba.conf; it's failing to connect, not failing to authorize the connection.
Do what the error message says:
Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections
You haven't shown the command that produces the error. Assuming you're connecting on localhost port 5432 (the defaults for a standard PostgreSQL install), then either:
PostgreSQL isn't running
PostgreSQL isn't listening for TCP/IP connections (listen_addresses in postgresql.conf)
PostgreSQL is only listening on IPv4 (0.0.0.0 or 127.0.0.1) and you're connecting on IPv6 (::1) or vice versa. This seems to be an issue on some older Mac OS X versions that have weird IPv6 socket behaviour, and on some older Windows versions.
PostgreSQL is listening on a different port to the one you're connecting on
(unlikely) there's an iptables rule blocking loopback connections
(If you are not connecting on localhost, it may also be a network firewall that's blocking TCP/IP connections, but I'm guessing you're using the defaults since you didn't say).
So ... check those:
ps -f -u postgres should list postgres processes
sudo lsof -n -u postgres |grep LISTEN or sudo netstat -ltnp | grep postgres should show the TCP/IP addresses and ports PostgreSQL is listening on
BTW, I think you must be on an old version. On my 9.3 install, the error is rather more detailed:
$ psql -h localhost -p 12345
psql: could not connect to server: Connection refused
Is the server running on host "localhost" (::1) and accepting
TCP/IP connections on port 12345?
Hello all :) I'm a having a little trouble connecting this.
On Windows 7 about my Debian 6 on VitualBox configured with Host-only Adapter:
>nmap -T4 -A -v 192.168.56.1
[...]
5432/tcp unknown postgresql
On the Debian, PostgreSQl is listening:
>netstat -tulpn
tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN 2432/postgres
tcp6 0 0 :::5432 :::* LISTEN 2432/postgres
.. and the port is opened
>iptables -nL
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0./0 tcp dpt:5432
.. and Postgres is accepting all the connections in postgresql.conf
listen-addresses = '*'
port = 5432
In Windows I have this error message from pdAdmin:
Server doesn't listen
The server doesn't accept connections: the connection library reports
could not connect to server: Connection refused (0x0000274D/10061)
Is the server running on host "192.168.56.1" and accepting TCP/IP
connections on port 5432?
If you encounter this message, please check if the server you're trying
to contact is actually running PostgreSQL on the given port.
Test if you have network connectivity from your client to the server
host using ping or equivalent tools. Is your network / VPN / SSH tunnel /
firewall configured correctly?
For security reasons, PostgreSQL does not listen on all available
IP addresses on the server machine initially. In order to access
the server over the network, you need to enable listening on the
address first.
For PostgreSQL servers starting with version 8.0, this is controlled
using the "listen_addresses" parameter in the postgresql.conf file.
Here, you can enter a list of IP addresses the server should listen
on, or simply use '*' to listen on all available IP addresses. For
earlier servers (Version 7.3 or 7.4), you'll need to set the
"tcpip_socket" parameter to 'true'.
You can use the postgresql.conf editor that is built into pgAdmin III
to edit the postgresql.conf configuration file. After changing this
file, you need to restart the server process to make the setting effective.
If you double-checked your configuration but still get this error
message, it's still unlikely that you encounter a fatal PostgreSQL
misbehaviour. You probably have some low level network connectivity
problems (e.g. firewall configuration). Please check this thoroughly
before reporting a bug to the PostgreSQL community.
Best regards
What about your pg_hba.conf file?
Have you configured it to accept connections from hosts in the 192.168.56.0 network?
Try to add this line and restart Postgres:
# VitualBox Host-Only Adapter
host all all 192.168.56.0/24 md5
If it's a testing environment you could even replace 192.168.56.0/24 with 0.0.0.0/0 and forget about it.