Greg Smith wrote:
> On Mon, 7 Jan 2008, Joshua D. Drake wrote:
>
>> Certainly and iptables gives you some flexibility in connection
>> availability "before" it hits the actual database but without having
>> to jimmy the production firewall.
>
> 4) Funky tricks with things like port forwarding and filtering that you
> can't do with PostgreSQL alone, and that need to be active for people in
> the internal LAN. I recall this one time where I needed the database
> port to be different based on which of the local subnets the connection
> was coming through (it was a version migration thing). Those were some
> fun ipchains rules (yeah, that long ago) and I'd have been hard pressed
> to do that on the firewall instead without a major contortion to the
> network.
Some people won't like this but... packet shaping and bandwidth control
as well.
Joshua D. Drake
>
> --
> * Greg Smith gsmith@gregsmith.com http://www.gregsmith.com Baltimore, MD
>
> ---------------------------(end of broadcast)---------------------------
> TIP 1: if posting/reading through Usenet, please send an appropriate
> subscribe-nomail command to majordomo@postgresql.org so that your
> message can get through to the mailing list cleanly
>
