Обсуждение: Basic question on 'reject' auth-method in pg_hba.conf
Hello All,
I'm new to postgresql, I have a basic question in using the 'reject' auth-method in pg_hba.conf.
I would like to reject a particular login from multiple range of IP addresses.
For example:
I want to reject login "test" from multiple IP ranges "100.101.13.0" & "200.101.13.0"
My questions:
1. Do I need to make separate entires like below ones or can I separate the IP address range using comma?
"host all test 100.101.13.0 reject"
2. If I make multiple entries to reject as above, how will it be treated, will the system read all the entries for the "test" login or will it stop after it finds the 1st entry for "test" login?
Can you please help with above questions.
Thanks,
Sathesh
--
Hello All,
I'm new to postgresql, I have a basic question in using the 'reject' auth-method in pg_hba.conf.
I would like to reject a particular login from multiple range of IP addresses.
For example:
I want to reject login "test" from multiple IP ranges "100.101.13.0" & "200.101.13.0"
My questions:
1. Do I need to make separate entires like below ones or can I separate the IP address range using comma?
"host all test 100.101.13.0 reject"
"host all test 200.101.13.0 reject"
2. If I make multiple entries to reject as above, how will it be treated, will the system read all the entries for the "test" login or will it stop after it finds the 1st entry for "test" login?
Can you please help with above questions.
Thanks,
Sathesh
Hi Jay,
Thanks for the response.
Just to confirm, do you mean I need to make entries to allow connections for “test” user apart from the reject ones?
I was under assumption that if I make the reject entries, all other connections coming apart from the reject IP’s will be accepted by default.
So, if I need to make entries for both “reject” & to allow connections for “test” user, which one should be on the top (reject entry or allow entry)
Please suggest.
Thanks,
Sathesh
From: John Scalia
Sent: Wednesday, November 30, 2016 10:22 PM
To: Sathesh S
Cc: pgsql-admin@postgresql.org
Subject: Re: [ADMIN] Basic question on 'reject' auth-method in pg_hba.conf
--
Hello All,
I'm new to postgresql, I have a basic question in using the 'reject' auth-method in pg_hba.conf.
I would like to reject a particular login from multiple range of IP addresses.
For example:
I want to reject login "test" from multiple IP ranges "100.101.13.0" & "200.101.13.0"
My questions:
1. Do I need to make separate entires like below ones or can I separate the IP address range using comma?
"host all test 100.101.13.0 reject"
"host all test 200.101.13.0 reject"
2. If I make multiple entries to reject as above, how will it be treated, will the system read all the entries for the "test" login or will it stop after it finds the 1st entry for "test" login?
Can you please help with above questions.
Thanks,
Sathesh