Thread: Proxy Server ...
does anyone know of a proxy server that i can run on a server to "pretend" its a postgresql server? so that I can connect to IP:port and have it establish a connection to IP:5432? Basically, I have a domain running in a FreeBSD jail, with a database server behind it ... the database server isn't accessible from the Internet, only from the local network ... so I need to run a proxy server in the jail that will accept connections, thru it, to the database server ... I need it to work for JDBC connections as well as ODBC (pgAdminII) ... which I don't think is any different, but figured i'd mention it "just in case" ... I've looked at SSLProxy (JDBC Proxy server), but its SSL only, which makes pgAdminII a problem :( Thanks ...
On Mon, 24 Jun 2002, Tom Lane wrote: > "Marc G. Fournier" <scrappy@hub.org> writes: > > does anyone know of a proxy server that i can run on a server to "pretend" > > its a postgresql server? so that I can connect to IP:port and have it > > establish a connection to IP:5432? > > [ scratches head ] Why don't you just start the postmaster listening > to the other port instead of 5432? Seems like a proxy inside the jail > wouldn't really do anything the postmaster itself wouldn't do. > > Possibly setting VIRTUAL_HOST would help too, if the problem is that > the postmaster is trying to bind to addresses it's not allowed to. Not possible to run a postmaster inside of the jail itself, which would *really* simplify things :(
Marc G. Fournier dijo: > does anyone know of a proxy server that i can run on a server to "pretend" > its a postgresql server? so that I can connect to IP:port and have it > establish a connection to IP:5432? You can use OpenSSH for that. -- Alvaro Herrera (<alvherre[a]atentus.com>) "Pensar que el espectro que vemos es ilusorio no lo despoja de espanto, sólo le suma el nuevo terror de la locura" (Perelandra, CSLewis)
"Marc G. Fournier" <scrappy@hub.org> writes:
> Not possible to run a postmaster inside of the jail itself, which would
> *really* simplify things :(
Oh, you're thinking proxy inside jail, postmaster outside? How would
the proxy communicate with the postmaster then?
regards, tom lane
"Marc G. Fournier" <scrappy@hub.org> writes:
> does anyone know of a proxy server that i can run on a server to "pretend"
> its a postgresql server? so that I can connect to IP:port and have it
> establish a connection to IP:5432?
[ scratches head ] Why don't you just start the postmaster listening
to the other port instead of 5432? Seems like a proxy inside the jail
wouldn't really do anything the postmaster itself wouldn't do.
Possibly setting VIRTUAL_HOST would help too, if the problem is that
the postmaster is trying to bind to addresses it's not allowed to.
regards, tom lane
On Mon, 24 Jun 2002, Tom Lane wrote: > "Marc G. Fournier" <scrappy@hub.org> writes: > > Not possible to run a postmaster inside of the jail itself, which would > > *really* simplify things :( > > Oh, you're thinking proxy inside jail, postmaster outside? How would > the proxy communicate with the postmaster then? Same as it always does ... ignore the 'jail' part ... use this as a scenario: <Internet> <-> <Proxy Server> <-192.168.0.1-> <Database Server> Now, I have found one that appears to work great (SSLProxy) ... which uses JDBC to connect to the database, but it requires an SSL-enabled client to use it, which cuts out stuff that use ODBC to connect, I believe?
On Mon, 24 Jun 2002, Bill Moran wrote: > Marc G. Fournier wrote: > > does anyone know of a proxy server that i can run on a server to "pretend" > > its a postgresql server? so that I can connect to IP:port and have it > > establish a connection to IP:5432? > > > > Basically, I have a domain running in a FreeBSD jail, with a database > > server behind it ... the database server isn't accessible from the > > Internet, only from the local network ... so I need to run a proxy server > > in the jail that will accept connections, thru it, to the database server > > ... > > > > I need it to work for JDBC connections as well as ODBC (pgAdminII) ... > > which I don't think is any different, but figured i'd mention it "just in > > case" ... > > > > I've looked at SSLProxy (JDBC Proxy server), but its SSL only, which makes > > pgAdminII a problem :( > > You can use FreeBSD's IPFW to "forward" the port. > See the man pages. Not doable inside of a jail, as far as I'm aware ... ;(
Marc G. Fournier wrote: > does anyone know of a proxy server that i can run on a server to "pretend" > its a postgresql server? so that I can connect to IP:port and have it > establish a connection to IP:5432? > > Basically, I have a domain running in a FreeBSD jail, with a database > server behind it ... the database server isn't accessible from the > Internet, only from the local network ... so I need to run a proxy server > in the jail that will accept connections, thru it, to the database server > ... > > I need it to work for JDBC connections as well as ODBC (pgAdminII) ... > which I don't think is any different, but figured i'd mention it "just in > case" ... > > I've looked at SSLProxy (JDBC Proxy server), but its SSL only, which makes > pgAdminII a problem :( You can use FreeBSD's IPFW to "forward" the port. See the man pages. -- Bill Moran Potential Technologies http://www.potentialtech.com
On Mon, Jun 24, 2002 at 04:13:02PM -0300, Marc G. Fournier wrote: > > does anyone know of a proxy server that i can run on a server to "pretend" > its a postgresql server? so that I can connect to IP:port and have it > establish a connection to IP:5432? I've always used netcat for this purpose. add it to inetd with a line to connect to the other server. I beleive there is also a program named redir which does a similar thing without using inetd. HTH, -- Martijn van Oosterhout <kleptog@svana.org> http://svana.org/kleptog/ > There are 10 kinds of people in the world, those that can do binary > arithmetic and those that can't.
Marc G. Fournier sez: } does anyone know of a proxy server that i can run on a server to "pretend" } its a postgresql server? so that I can connect to IP:port and have it } establish a connection to IP:5432? } } Basically, I have a domain running in a FreeBSD jail, with a database } server behind it ... the database server isn't accessible from the } Internet, only from the local network ... so I need to run a proxy server } in the jail that will accept connections, thru it, to the database server } ... } } I need it to work for JDBC connections as well as ODBC (pgAdminII) ... } which I don't think is any different, but figured i'd mention it "just in } case" ... } } I've looked at SSLProxy (JDBC Proxy server), but its SSL only, which makes } pgAdminII a problem :( There are several possible solutions. The simplest is to use the socket program, which will do what you want (with minor trickery, see the man page); it can be found at http://sources.isc.org/network/utils/socket.txt . Another is to use ssh with the -L or -R flag (look at the man page). Still yet another is that if you are running a firewall and natd, which is what it sounds like, natd has a -redirect_port flag which will let you do what you want (again, see the man page). Again, those solutions are: 1. socket -bfslp "socket <pg host> 5432" <listenport> 2. ssh -L <listenport>:<pg host>:5432 3. natd -redirect_port tcp <host>:<listenport> <pg host>:5432 (I'm not too sure of those commandlines. Some testing and reading of man pages may be necessary.) } Thanks ... --Greg
> > > does anyone know of a proxy server that i can run on a server to > > > "pretend" its a postgresql server? so that I can connect to > > > IP:port and have it establish a connection to IP:5432? > > > > [ scratches head ] Why don't you just start the postmaster > > listening to the other port instead of 5432? Seems like a proxy > > inside the jail wouldn't really do anything the postmaster itself > > wouldn't do. > > > > Possibly setting VIRTUAL_HOST would help too, if the problem is > > that the postmaster is trying to bind to addresses it's not > > allowed to. > > Not possible to run a postmaster inside of the jail itself, which > would *really* simplify things :( Do you know what part of postgresql doesn't work inside of a jail? As someone suggested, ipfw fwd _should_ do the trick. I'd be curious as to why it wouldn't. -sc -- Sean Chittenden
On Mon, 24 Jun 2002, Sean Chittenden wrote: > > > > does anyone know of a proxy server that i can run on a server to > > > > "pretend" its a postgresql server? so that I can connect to > > > > IP:port and have it establish a connection to IP:5432? > > > > > > [ scratches head ] Why don't you just start the postmaster > > > listening to the other port instead of 5432? Seems like a proxy > > > inside the jail wouldn't really do anything the postmaster itself > > > wouldn't do. > > > > > > Possibly setting VIRTUAL_HOST would help too, if the problem is > > > that the postmaster is trying to bind to addresses it's not > > > allowed to. > > > > Not possible to run a postmaster inside of the jail itself, which > > would *really* simplify things :( > > Do you know what part of postgresql doesn't work inside of a jail? shared memory is highly recommend to not be used within a jail'd environment for various reasons ... > As someone suggested, ipfw fwd _should_ do the trick. I'd be curious as > to why it wouldn't. -sc ipfw would have to be used at the operating system level, I want/require it to be redireected at the jail level for accountability reasons ...
Do you have a way of doing destination nat? On Linux, I map inbound IP/port requests using iptables at the firewall to my private address space. No proxying needed. I'm sure there is a freebsd function that is similar. David Marc G. Fournier wrote: >does anyone know of a proxy server that i can run on a server to "pretend" >its a postgresql server? so that I can connect to IP:port and have it >establish a connection to IP:5432? > >
In C I would like to tell if an insert failed and why. In particular if it failed because of a duplicate value in a field marked unique. Can this be done, how? If not, is their a work around besides querying each unique field for a dup? Thanks, Jeremy
Jeremy Cowgar <develop@cowgar.com> writes:
> In C I would like to tell if an insert failed and why. In particular if
> it failed because of a duplicate value in a field marked unique.
Right now, the only way to tell this is to look at the error message
(PQerrorMessage), which will say something like
ERROR: Cannot insert a duplicate key into unique index foo_f1_key
This is pretty grotty, but until we get around to supporting proper
error codes, it's the only way ...
regards, tom lane