Linux: Iptables Allow PostgreSQL server incoming request
PostgreSQL is an object relational database system that has the features of traditional commercial database systems with enhancements to be found in next-generation DBMS systems. PostgreSQL is free and the complete source code is available.
Open port 5432
By default PostgreSQLt listen on TCP port 5432. Use the following iptables rules allows incoming client request (open port 5432) for server IP address 202.54.1.20 :
iptables -A INPUT -p tcp -s 0/0 --sport 1024:65535 -d 202.54.1.20 --dport 5432 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -p tcp -s 202.54.1.20 --sport 5432 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
As posted earlier, you do not wish give access to everyone. For example in web hosting company or in your own development center, you need to gives access to POSTGRES database server from web server only. Following example allows POSTGRES database server access (202.54.1.20) from Apache web server (202.54.1.50) only:
iptables -A INPUT -p tcp -s 202.54.1.50 --sport 1024:65535 -d 202.54.1.20 --dport 5432 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -p tcp -s 202.54.1.20 --sport 5432 -d 202.54.1.50 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
Allow outgoing POSTGRES client request (made via postgresql command line client or perl/php script), from firewall host 202.54.1.20:
iptables -A OUTPUT -p tcp -s 202.54.1.20 --sport 1024:65535 -d 0/0 --dport 5432 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -p tcp -s 0/0 --sport 5432 -d 202.54.1.20 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
Want to stay up to date with the latest Linux tips, news and announcements? Subscribe to our free e-mail newsletter or RSS feed to get all updates.
You can Email this page to a friend.
You may also be interested in other helpful articles:
- How Do I Enable remote access to PostgreSQL database server?
- Howto Setup PostgreSQL in the OpenSolaris OS
- Download of the day: PostgreSQL 8.3 Database Server
- Linux Iptables: How to specify a range of IP addresses or ports
- Linux Iptables allow or open IMAP server port
Leave a Reply
We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!
Tags: firewall_host, Iptables, open_port_5432, postgres_database



Recent Comments
Yesterday ~ 1 Comment
Yesterday ~ 50 Comments
Yesterday ~ 3 Comments
07/22/2008 08:38 pm (2 days ago) ~ 10 Comments
07/22/2008 09:02 am (2 days ago) ~ 8 Comments