Eugene Lee <eugene@anime.net> writes:
> Note, no "-i" option. Instead, I added the line "tcpip_socket = yes"
> in the file /usr/local/pgsql/data/postgresql.conf to enable TCP/IP
> socket access. But the line in the config file doesn't work.
There is no such config file in 7.0.*. You must be reading the
development-sources documentation at postgresql.org. See the 7.0
docs included in your distribution (they're also on the website,
but you have to dig a little).
> However, instead of being denied outright, I can connect to the default
> port from the outside world.
By "connect" I suppose you mean you telnet to the port and type a few
random characters?
> In the logs, it shows up as an entry with
> a datetime stamp and a message "Invalid packet length". Is this normal
> PostgreSQL behavior?
That's about what I'd expect, since authorization checks aren't applied
until the would-be client has sent a connection-request packet.
If you want to prevent the connection from even reaching the postmaster,
I recommend messing around with your firewall's filters.
regards, tom lane
