通过ufw disable远程 postgres 系统,我可以从本地系统进行连接
ufw enable但是,当我如下图所示时,连接不起作用:
C:\Users\HOME>telnet 80.240.24.195 5432
Connecting To 80.240.24.195...Could not open connection to the host, on port 5432: Connect failed
以下是我重新启动时的 postgres 配置。
猫 /etc/postgresql/12/main/postgresql.conf
# - Connection Settings -
listen_addresses = '*' # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost'; use '*' for all
# (change requires restart)
port = 5432 # (change requires restart)
max_connections = 100 # (change requires restart)
#superuser_reserved_connections = 3 # (change requires restart)
unix_socket_directories = '/var/run/postgresql' # comma-separated list of directories
猫 /etc/postgresql/12/main/pg_hba.conf
# Database administrative login by Unix domain socket
local all postgres peer
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 md5
host all all 0.0.0.0/0 md5
# IPv6 local connections:
host all all ::1/128 md5
当从 postgres 主机本身尝试时,telnet 可以工作,但是当我尝试从本地笔记本电脑建立连接时,它失败了。
root@DKERP:/# ufw status numbered
Status: active
To Action From
-- ------ ----
[ 1] 22 ALLOW IN Anywhere
[ 2] 8069 ALLOW IN Anywhere
[ 3] 443/tcp DENY IN Anywhere
[ 4] 443 DENY IN Anywhere
[ 5] 80/tcp DENY IN Anywhere
[ 6] 80,443,5432/tcp DENY IN Anywhere
[ 7] 80 DENY IN Anywhere
[ 8] 4433/tcp DENY IN Anywhere
[ 9] 5432/tcp ALLOW IN Anywhere
[10] 22 (v6) ALLOW IN Anywhere (v6)
[11] 8069 (v6) ALLOW IN Anywhere (v6)
[12] 443/tcp (v6) DENY IN Anywhere (v6)
[13] 443 (v6) DENY IN Anywhere (v6)
[14] 80/tcp (v6) DENY IN Anywhere (v6)
[15] 80,443,5432/tcp (v6) DENY IN Anywhere (v6)
[16] 80 (v6) DENY IN Anywhere (v6)
[17] 4433/tcp (v6) DENY IN Anywhere (v6)
[18] 5432/tcp (v6) ALLOW IN Anywhere (v6)
您能否建议需要进一步做什么才能让 postgres 从我的本地笔记本电脑连接到工作?
答案1
ufw如输出中所示,其中有一个条目拒绝端口 5432。我删除了该条目并重新启动了服务以使其工作。
[ 6] 80,443,5432/tcp DENY IN Anywhere
ufw delete 6
ufw disable
ufw enable