Re: [GENERAL] PGSQL x iptables

inger Sent: Thursday, May 07, 2009 3:02 AM To: Slansky Lukas Cc: pgsql-general@postgresql.org Subject: Re: [GENERAL] PGSQL x iptables Slansky Lukas wrote: >> Craig Ringer wrote: >> >> After a long period of inactivity, perhaps? > > Is 15 seconds long period? I don't think so

Re: [GENERAL] PGSQL x iptables

Slansky Lukas wrote: Craig Ringer wrote: After a long period of inactivity, perhaps? Is 15 seconds long period? I don't think so. No. If you see a connection that was working 15 and active seconds ago suddenly die, it's not due to time-based state table expiry. Do you see anything in `dme

Re: [GENERAL] PGSQL x iptables

> Slansky Lukas wrote: > > > 1. -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT > > > > 2. -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s > > aaa.bbb.ccc.ddd --dport 5432 -j ACCEPT > > > > 3. -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited

Re: [GENERAL] PGSQL x iptables

On Wed, May 6, 2009 at 3:47 AM, Craig Ringer wrote: > Slansky Lukas wrote: > >> 1. -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT >> >> 2. -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s >> aaa.bbb.ccc.ddd --dport 5432 -j ACCEPT >> >> 3. -A RH-Firewall-1-INPUT -

Re: [GENERAL] PGSQL x iptables

Slansky Lukas wrote: 1. -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT 2. -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s aaa.bbb.ccc.ddd --dport 5432 -j ACCEPT 3. -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited I was wondering when

Re: [GENERAL] PGSQL x iptables

Slansky Lukas wrote: Hello, we’re using PG and Application Server (JBoss) on separate CentOS servers with Cisco PIX in between. On DB side is iptable with following relevant rules: 1. -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT 2. -A RH-Firewall-1-INPUT -m state -