I want to see what my PostgreSQL database server (postgres) is sending in response to my client (a Ruby application server using the pg gem). Both the server & client are running locally, and their connection is unencrypted.
Use tcpdump to display packets sent between your client & server.
How? Enter the following command in Terminal on macOS:
sudo tcpdump -A -i any port 5432
Then, trigger your application server (for example, by sending it a curl request from another Terminal window) to send a command to postgres.
Finally, view the output of tcpdump.
Note: tcpdump doesn't show packets sent between psql & postgres since they communicate over a Unix domain socket. See: Can I monitor a local unix domain socket like tcpdump?
Since tcpdump is already mentioned, I'd want to list another tool that can be used for this purpose with a less verbose output: ngrep
Usage:
ngrep -d lo port 5432
lo is the network interface to listen to. This can be found out using ifconfig. port 5432 is the pcap filter.
This can also be used to search for specific SQL statements if the aim is to capture SQL statements submitted by your application. For a detailed explanation, refer here.
Related
I am trying to do streaming replication between two postgresql servers. Main server is listening on port 5434 and I have to keep it so. When I run "pg_basebackup -h (main server ip) -D /var/lib/postgresql/13/main/ -U replicator -P -v -R -X stream -C -S slaveslot1" on replica server I get the follwing error:
"pg_basebackup: error: could not connect to server: Connection refused. Is the server running on host (main server ip) and accepting TCP/IP connections on port 5432?"
Almost all similar questions that I found in the web are dealing with some other problems as their main server is already using port 5432.
So, could you please let me know how I can keep port 5434 on main server and still run the above command for replication? Thanks in advance!
I was expecting the command to run normally and ask me for password.
I have changed the port to 5432 and in that case it works, so the command itself doesn't have mistakes in it.
But I don't know what/how I can do it if I am keeping port 5434.
You can either use the -p option of pg_basebackup, or you can set the PGPORT environment variable, or you can use the -d option with a connection string that contains port=5434.
I want to connect to a PostgreSQL server with rust-postgres:
let mut client = Client::connect("host=localhost user=postgres", NoTls)?;
The complete code example is from Client and Config.
I keep getting the error
Error: Error { kind: Connect, cause: Some(Os { code: 111, kind: ConnectionRefused, message: "Connection refused" }) }
In a terminal, I can interact with PostgreSQL:
(base) wm#wm:~/Desktop/HP$ sudo -i -u postgres
postgres#wm:~$ psql
psql (10.10 (Ubuntu 10.10-0ubuntu0.18.04.1))
Type "help" for help.
postgres=#
There are few issues relevant to failed connections, so I guess there must be something I missed.
Postgresql supports client connections via local Unix sockets or via TCP/IP connections.
In the default configuration, though, it will not listen for TCP/IP connections. It will only listen for connections to a local Unix socket. The location of this socket is defined by the postgresql configuration variable unix_socket_directories.
In your tests, you have found that when running the psql command line tool with no arguments, it manages to connect to the database. This works because psql uses the postgresql supplied client library (libpq) and this client library has the default behavior of connecting to the local Unix socket if no hostname is supplied.
However, when using rust-postgres, you are supplying a connection string including the text "host=localhost". This is instructing rust-postgres to make a connection to IP address localhost. It fails because the postgresql server is not configured to listen on any IP interfaces, and only listen on a Unix socket.
You could change the connection string to specify the unix socket to connect to, for example:
host=/var/run/postgresql/.s.PGSQL.5432
The value above reflects where the socket is on my machine, it might be different on yours.
The libpq library allows you to leave the host parameter out altogether and it will connect to the Unix socket automatically; unfortunately it does not look like rust-postgres supports this though.
Alternatively, you could reconfigure your postgresql server so that it listens on the loopback IP adapter. This involves setting the listen_addresses parameter in the postgresl configuration file. See this answer for more details, including changes you will need to make to the authentication in pg_hba.conf.
I like the pgAdmin III GUI software, but the GUI uses more bandwidth than SSH console.
psql is not interactive, without menus, tables list, etc.
Does exist some interactive text-mode tool to connect to PostgreSQL ?
There is no text-mode window-and-menu curses/ncurses style text mode interface for PostgreSQL; no ncurses equivalent to PgAdmin-III.
I strongly recommend learning psql and getting comfortable with it. You could use PgAdmin-III remotely as detailed below, but in the long run you'll be massively more productive if you learn psql.
Use PgAdmin-III via ssh tunnels or direct connection
You can always connect with PgAdmin-III via an ssh tunnel or remote TCP/IP connection. That way you aren't transmitting all the GUI data over the network, just the PostgreSQL protocol data.
For ssh, do something like:
ssh -L 15432:localhost:5432 remote_host
then while the ssh session is open, connect to localhost port 15432 to make a connection to the remote DB.
This will work even if the remote DB is only listening on 127.0.0.1. It'll also work if you ssh into a bastion host then connect to the DB server from there; just change localhost in the -L argument to the IP/hostname of the Pg server. For more information see the ssh manual, particularly LocalForward for IP forwarding, ProxyCommand for custom multilayer tunnels, and the -D option for dynamic SOCKS proxying.
It's even possible to use an ssh tunnel to connect to a server that's only listening for unix socket connections, by running socat to proxy between the unix socket and TCP.
None of this will work when you're connecting to a Windows host, but rdp2tcp can be used to tunnel TCP over RDP connections for similar effect. See this question.
Use psql
psql is pretty interactive. Though it isn't a GUI windowing interface, it's hardly just a scripting tool. It provides lots of visibility into the system with the \d commands, lots of info via \h, tab completion, paging, \e break-out command editing, and lots of other interactive features.
Use \? for psql help, and \h SQL_COMMAND for syntax of a particular SQL command, eg \h INSERT.
I have been using rockmongo as my client for mongodb on localhost for testing.
For prodction i DONT want a client online as this might reduce security.
Is there a client which will allow me to connect SSH? kind of like MySql Workbench?
or
Can rockmongo stay on my local computer and i connect to EC2 instance which has mongodb for production viewing?
or
Is there a better alternative to all of this?
My setup is a standard LAMP stack. willing to make any changes necessary.
MongoHub has the option to connect over ssh, but the app kind of sucks. It crashes a lot.
A more generic approach would be to just create your own ssh tunnel to your production server, and then connect over that through whatever client you want. The client won't care as long as it can make the connection.
On OSX/Linux, creating an ssh tunnel might look like this:
ssh -L 8080:127.0.0.1:27017 -f -C -q -N username#domain.com
This would open a local port 8080 which will forward the traffic to the localhost interface at the mongodb default port 27017 on the remote side. You would point your client at 127.0.0.1:8080 as if mongodb were running there locally.
Check some of these out - http://www.mongodb.org/display/DOCS/Admin+UIs
One workaround would be to set that file in a separate folder and make a .htaccess file that restricts access to only your ip address. Any requests not from your ip address would get denied access...
Is there a dedicated port (lower than 1024) specifically for clients to send text based console output to a server? I've googled extensively but to no avail. What's the best port (lower than 1024) for sending text based console output if any?
A port is just a number. You can see well known port assignments in /etc/services.
You need a server application to be listening on the given port to accept your input. There are number of remote terminal protocols and their implementations, among which are Telnet (port 23) and Secure Shell, or SSH (port 22).
The simplest way to test your socket client is to setup netcat on the server to listen on whatever port you want (port is 777 in the example bellow), and then try to connect to it from somewhere else:
server:~# nc -l -p 777
then
client:~$ nc server 777
Note that on Unix you normally need super-user (root) rights to bind "privileged", i.e. bellow 1024, ports.
I'm going to use telnet (port 23) since that's closest to what I want. Sending console messages to a server from a client. okey dokey thanks!