在 Ubuntu 中打开端口

Question

So I'm using AWS using EC2 and I'm trying to open up a port for Postgresql. In AWS I already have it open:

TCP
Port (Service)      Source                  Action
0 - 65535           sg-92aadda2 (default)   Delete
22 (SSH)            0.0.0.0/0               Delete
80 (HTTP)           0.0.0.0/0               Delete
5432                0.0.0.0/0               Delete

When I do netstat it looks as though the port is listening:

# netstat -an | grep 5432
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN

When I do a localhost nmap I get the following:

 Nmap scan report for localhost (127.0.0.1)
 Host is up (0.000010s latency).
 Not shown: 997 closed ports
 PORT      STATE SERVICE
 22/tcp    open  ssh
 80/tcp    open  http
 5432/tcp  open  postgresql

And here's where the fun begins. When I do an nmap from an alternative host I get the following:

PORT      STATE  SERVICE
22/tcp    open   ssh
80/tcp    open   http
5432/tcp  closed postgresql

I also looked at my iptables to see if I was missing something, but the iptables look empty (which should mean they aren't really doing much)

$ iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
REJECT     all  --  anywhere             127.0.0.0/8          reject-with icmp-port-unreachable
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:postgresql
ACCEPT     icmp --  anywhere             anywhere
LOG        all  --  anywhere             anywhere             limit: avg 5/min burst 5 LOG level debug prefix "iptables denied: "
DROP       all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Am I missing something cause I can't seem to figure out how to access the ip. Whenever I try I get the following error:

Is the server running on host "xx.xx.xx.xx" and accepting TCP/IP connections on port 5432?

How do I make it so that I can open up the port so that external servers have access to it? Thanks in advance =) Lemme know if you need any additional data.

EDIT : As asked below, I tested telnetting, and I was able to telnet into the localhost, but when attempting from the outside I get:

$ telnet xx.xx.xx.xx 5432
Trying xx.xx.xx.xx...
telnet: Unable to connect to remote host: Connection refused

Also, I double checked and I was properly able to telnet into ssh:

$ telnet xx.xx.xx.xx 22
Trying xx.xx.xx.xx...
Connected to xx.xx.xx.xx.
Escape character is '^]'.
SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1

Answer 1

Edit /etc/postgresql/<version>/main/postgresql.conf and set the listen_addresses to your outgoing interface or all. Restart postgresql: sudo service postgresql restart .

Answer 2

It works for me the last method (thks Julio):

Edit: postgresql.conf

sudo nano /etc/postgresql/9.3/main/postgresql.conf

Enable or add:

listen_addresses = '*'

Restart the database engine:

sudo service postgresql restart

---

Besides, you can check the file: pg_hba.conf

sudo nano /etc/postgresql/9.3/main/pg_hba.conf

And add your network or host address:

host all all 192.168.1.0/24 md5

Answer 3

If you have edited postgresql.conf and main/pg_hba.conf and still having a problem, please try

sudo ufw allow 5432/tcp

to unblock psql port

Answer 4

如果您使用 docker 连接到主机的 postgresql，您必须使用主机的 ip，您可以通过运行ip addr show docker0获得该 ip，希望它可以帮助某人。