Postgres remote connection - Windows server

Question

I have the following lines in pg_hba.conf . Postgres is installed on a Windows server.

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# IPv4 local connections:
host    all             all             127.0.0.1/32            md5
#host   all             all             myip            md5
# IPv6 local connections:
host    all             all             ::1/128                 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
host    replication     all             127.0.0.1/32            md5
host    replication     all             ::1/128                 md5

I would like to allow connection only from one more public IP address. How can I achieve that? As soon as I enable the above line IP: Postgres doesn't start.

Looking for some guidance.

Answer 1

I run postgres on several Windows servers (Windows Server 2012 R2, Windows Server 2016) as a part of a commercial framework running on an Apache tomcat webserver. The local connection worked fine. However, I want the same postgres server to be accessible for another framework (Cakephp) on another server (Red Hat Enterprise Linux) on the same server farm. This used to work until I upgraded to postgres 9. Now I had to upgrade to postgres 10. No matter what I tried, I failed. Here is what I did to solve the problem: Find your local postgres configuration files. They are usually in the same directory as the postgres tablespace, in my case: d:\\PG10Data\\postgresql.conf. This file has to contain the following lines:

# - Connection Settings:
listen_addresses = '*'  # what IP addresses/interfaces to listen on
port = 5432

The next file to be modified is the pg_hba.conf (hba = host based access):

# TYPE  DATABASE        USER            ADDRESS                 METHOD
# some sample entries:
# this will open UP ALL REMOTE IPv4 connections, do not open up permanently
host    all             all             0.0.0.0/0               md5
# only 1 database for 1 user from 1 IPv4 address:
host    yourdatabasename    yourusername        10.15.17.13/32          md5
# don not forget the "/32", otherwise the postgres server will not start up!

After editing these files, restart the postgres server. You can run

netstat -a -n | findstr 5432

to see if the postgres listener is running.

You can also run the following to test connectivity from the Windows command prompt:

psql -Uyourusername -dyourdatabasename -p5432 -hlocalhost

This should work at any time. The next level will be to use your computer's local IPv4 address. This you can find out with

ipconfig

This will tell you your local IPv4 address. Use this in the following command:

psql -Uyourusername -dyourdatabasename -p5432 -hyourlocalip

My problem was, this command failed. Since I ran it directly on my server, it could not be the local Windows firewall.

The solution: There is a 2nd configuration file: d:\\PG10Data\\postgresql.auto.conf The file starts ominously with the following 2 lines:

# Do not edit this file manually!
# It will be overwritten by the ALTER SYSTEM command

And it ends:

listen_addresses = 'localhost'

I tried the ALTER SYSTEM command when I was logged on locally as postgres via psql, but no success. In the end I turned cheeky and changed the entry in d:\\PG10Data\\postgresql.auto.conf to;

listen_addresses = '*'

Bingo! After a postgres restart, remote access worked like a charm on both Windows servers.

NB Don't forget the Windows Firewall: Open port 5432 for remote access. Also check there are no firewalls in the network the block access to port 5432 from your remote client.

It would be nice if someone were able to tell me how I should have changed the parameter without editing the postgresql.auto.conf, but at least both of my framesworks - both on the local and the remote server - are working.

Answer 2

To open the port 5432 edit your /Program Files/PostgreSQL/10/data/postgresql.conf and change

# Connection Settings -

listen_addresses = '*'          # what IP address(es) to listen on;

In /Program Files/PostgreSQL/10/data/pg_hba.conf

# IPv4 local connections:
host    all             all             0.0.0.0/0           md5

Now restate the Postgres server use cmd

pg_ctl -D "C:\Program Files\PostgreSQL\10\data" restart

Answer 3

这是不正确的语法： myip不是 IP 地址，并且缺少它之后的/32 。