PostgreSQL
Maxim, 2019-11-18 07:48:58

Firewall-cmd and PostgreSQL. Why is the added port closed?

Hello.
PostgreSQL server address: 10.0.0.2/24
Server address with application: 10.0.0.4/24
There is an application on a remote server that uses a PostgreSQL database.
On the PostgreSQL server I added the rule:

firewall-cmd --add-service=postgresql --zone=internal --permanent

PostgreSQL is running and listening on port 5432/TCP:
[[email protected] tmp]# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:10050           0.0.0.0:*               LISTEN      1037/zabbix_agentd
tcp        0      0 0.0.0.0:10051           0.0.0.0:*               LISTEN      1050/zabbix_server
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1256/sshd
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN      1047/postmaster
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      8340/master

Rule added:
internal (active)
target: default
icmp-block-inversion: no
interfaces: eth1
sources:
services: postgresql samba-client ssh zabbix-agent zabbix-server
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:

On the server with the application, I checked the open ports of the PostgreSQL server:
[[email protected] tmp]# nmap -p 1-65535 -T4 -A -v 10.0.0.2

Starting Nmap 6.40 ( http://nmap.org ) at 2019-11-18 14:33 +10

Host is up (0.0017s latency).
Not shown: 65531 filtered ports
PORT      STATE  SERVICE    VERSION
22/tcp    open   ssh        OpenSSH 7.4 (protocol 2.0)
| ssh-hostkey: 2048 b7:38:26:2e:32:94:26:ea:80:38:bb:22:1b:78:f6:4e (RSA)
|_256 26:1e:f8:a7:c7:75:9f:7f:7a:81:fc:09:ee:85:38:6d (ECDSA)
5432/tcp  closed postgresql
10050/tcp open   tcpwrapped
10051/tcp open   tcpwrapped

nmap sees the port, but for some reason it is closed.

Maxim, 2019-11-18
@MaxRAF

I'll answer myself)
Solution:
Since I have two interfaces eth0 and eth1, in my case it is necessary to add the address of the eth1 interface in the postgresql.conf file in the line listen_addresses = address.

ky0, 2019-11-18
@ky0

I will answer your wrong answer.
This was not because you have two interfaces, but because, judging by the listing, it only listened locally, as happens by default.
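
The diagnosis from this thread as a small check, added here as an example and not posted by anyone in the thread: it reads `netstat -tln` output and predicts what a remote scan of a given address and port should report. The function name `remote_state` and the `AFTER` sample (which assumes `listen_addresses` was set to 10.0.0.2, taken to be the eth1 address) are assumptions; both samples are constructed from the listing in the question.

```shell
#!/bin/sh
# Constructed samples in `netstat -tln` format.
# BEFORE: the sshd and postmaster lines from the question.
# AFTER:  assumed listing once listen_addresses is set to 10.0.0.2.
BEFORE='tcp   0   0 0.0.0.0:22       0.0.0.0:*   LISTEN
tcp   0   0 127.0.0.1:5432   0.0.0.0:*   LISTEN'
AFTER='tcp   0   0 0.0.0.0:22       0.0.0.0:*   LISTEN
tcp   0   0 10.0.0.2:5432    0.0.0.0:*   LISTEN'

# remote_state TARGET_IP PORT FW_ALLOWED(yes|no)
# Reads netstat -tln output on stdin (IPv4 listeners only) and prints the
# state a scan of TARGET_IP:PORT from another host should show:
#   filtered - the zone does not allow the port, so the firewall answers
#              (or stays silent) before TCP sees the probe
#   closed   - the firewall lets the probe through, but nothing listens on
#              that address, so the kernel replies with RST
#   open     - a listener is bound to TARGET_IP or to 0.0.0.0
remote_state() {
    if [ "$3" != yes ]; then
        cat >/dev/null          # drain stdin; the listing does not matter here
        echo filtered
        return 0
    fi
    awk -v ip="$1" -v port="$2" '
        /LISTEN/ {
            addr = $4                                   # Local Address column
            n = split(addr, p, ":")
            if (p[n] != port) next
            host = substr(addr, 1, length(addr) - length(p[n]) - 1)
            if (host == ip || host == "0.0.0.0") hit = 1
        }
        END { print (hit ? "open" : "closed") }'
}

# The situation in the question: service allowed in the zone, loopback-only bind.
printf '%s\n' "$BEFORE" | remote_state 10.0.0.2 5432 yes   # closed
# After binding PostgreSQL to the internal address.
printf '%s\n' "$AFTER"  | remote_state 10.0.0.2 5432 yes   # open
```

Binding `listen_addresses` to the internal address rather than `'*'` keeps the database off eth0; which clients may then connect is still decided by `pg_hba.conf`.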
