Re: pg_hba.conf change in 7.4 - Mailing list pgsql-general
| From | Seum-Lim Gan |
|---|---|
| Subject | Re: pg_hba.conf change in 7.4 |
| Date | |
| Msg-id | p05100301bbe2a820b516@[135.185.171.70] Whole thread Raw |
| In response to | Re: pg_hba.conf change in 7.4 (Bruce Momjian <pgman@candle.pha.pa.us>) |
| Responses |
Re: pg_hba.conf change in 7.4
(Bruce Momjian <pgman@candle.pha.pa.us>)
|
| List | pgsql-general |
Hi Bruce,
Thanks for the info.
I captured the netstat output below.
Looks like there is a bunch of IPv4 being used.
Any idea how this can be resolved ?
Thanks.
Gan
UDP: IPv6
Local Address Remote Address
State If
--------------------------------- ---------------------------------
---------- -----
localhost.35847 localhost.35847 Connected
TCP: IPv4
Local Address Remote Address Swind Send-Q Rwind Recv-Q State
-------------------- -------------------- ----- ------ ----- ------ -------
localhost.32906 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32906 49152 0 49152 0 ESTABLISHED
localhost.32908 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32908 49152 0 49152 0 ESTABLISHED
localhost.32910 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32910 49152 0 49152 0 ESTABLISHED
localhost.32911 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32911 49152 0 49152 0 ESTABLISHED
localhost.32913 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32913 49152 0 49152 0 ESTABLISHED
localhost.32915 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32915 49152 0 49152 0 ESTABLISHED
localhost.32917 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32917 49152 0 49152 0 ESTABLISHED
localhost.32919 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32919 49152 0 49152 0 ESTABLISHED
localhost.32920 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32920 49152 0 49152 0 ESTABLISHED
localhost.32922 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32922 49152 0 49152 0 ESTABLISHED
localhost.32923 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32923 49152 0 49152 0 ESTABLISHED
localhost.32924 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32924 49152 0 49152 0 ESTABLISHED
localhost.32926 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32926 49152 0 49152 0 ESTABLISHED
localhost.32927 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.32927 49152 0 49152 0 ESTABLISHED
localhost.33086 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.33086 49152 0 49152 0 ESTABLISHED
localhost.33087 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.33087 49152 0 49152 0 ESTABLISHED
localhost.50882 localhost.14502 49152 0 49152 0 ESTABLISHED
localhost.14502 localhost.50882 49152 0 49152 0 ESTABLISHED
localhost.50883 localhost.14500 49152 0 49152 0 ESTABLISHED
localhost.14500 localhost.50883 49152 0 49152 0 ESTABLISHED
At 12:11 pm -0500 2003/11/20, Bruce Momjian wrote:
>Seum-Lim Gan wrote:
>> Hi,
>>
>> In 7.4, I noticed there is this ::1 and ffff: (x8 of them)
>> for IPv6.
>>
>> I looked at the documentation and there is nothing that says
>> what the ::1 is for.
>
>The ::1 is a IPv6 shorthand for 127.0.0.1 (localhost).
>
>> Commenting out that line will prevent access to PostgreSQL
>> from psql unless I put trust for that line.
>>
>> This is what I had in 7.3.4:
>> host all all 127.0.0.1 255.255.255.255
> > ident pspmap
>> local all all password
>> host all all 0.0.0.0 0.0.0.0 reject
>>
>> But in 7.4, it does not work anymore. It seems to want ::1 to be somewhere.
>> If I change the line with ::1 from trust to ident pspmap, it complains that
>> the user cannot be found. But it is in the pspmap. Message fromm psql:
>
>Seems you have an OS that makes all connections IPv6, even IPv4 ones.
>That is why we had to have that line in there. Seems ::1 controls your
>local connections on that platform. Some platforms have distinct IPv4
>and IPv6 connections, so we have to include both lines in the file.
>
>> Right now, I have it set to trust to work around.
>> Any idea what to do about this ?
>>
>> host all all 127.0.0.1 255.255.255.255
>> ident pspmap
>> local all all password
>> host all all 0.0.0.0 0.0.0.0 reject
>> # IPv4-style local connections:
>> #host all all 127.0.0.1 255.255.255.255 trust
>> # IPv6-style local connections:
>> host all all ::1
>> ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff trust
>
>Yea, that's about it. My guess is that nothing is coming in via IPv4 on
>your machine so 127.0.0.1 does nothing. Perhaps netstat will show the
>IP address family used.
>
>--
> Bruce Momjian | http://candle.pha.pa.us
> pgman@candle.pha.pa.us | (610) 359-1001
> + If your life is a hard drive, | 13 Roberts Road
> + Christ can be your backup. | Newtown Square, Pennsylvania 19073
--
+--------------------------------------------------------+
| Seum-Lim GAN email : slgan@lucent.com |
| Lucent Technologies |
| 2000 N. Naperville Road, 6B-403F tel : (630)-713-6665 |
| Naperville, IL 60566, USA. fax : (630)-713-7272 |
| web : http://inuweb.ih.lucent.com/~slgan |
+--------------------------------------------------------+
pgsql-general by date: