Re: [GENERAL] another can't connect
Thanks for you help found that this not connect problem is server wide. not just Isolated to postgresql. so tracking down what i did to mess it up :D BJ Freeman sent the following on 6/28/2009 8:23 PM: sorry about the post did not do a reply all and sent a personal replay yes in the chain I have ACCEPT all -- anywhere anywherestate RELATED,ESTABLISHED it is the next to last rule. Andrej sent the following on 6/28/2009 8:14 PM: 2009/6/29 BJ Freeman bjf...@free-man.net: ACCEPT tcp -- localhostlocalhost tcp dpt:postgres state NEW What about established connections? tcp0 0 127.0.0.1:5432 0.0.0.0:* LISTEN is the only line for that port I think Chris meant What about iptables rules for established connection? ... Cheers, Andrej -- BJ Freeman http://www.businessesnetwork.com/automation http://bjfreeman.elance.com http://www.linkedin.com/profile?viewProfile=key=1237480locale=en_UStrk=tab_pro Systems Integrator. -- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
Re: [GENERAL] another can't connect--solved
added this to iptables ACCEPT all -- localhostlocalhost BJ Freeman sent the following on 6/28/2009 8:23 PM: sorry about the post did not do a reply all and sent a personal replay yes in the chain I have ACCEPT all -- anywhere anywherestate RELATED,ESTABLISHED it is the next to last rule. Andrej sent the following on 6/28/2009 8:14 PM: 2009/6/29 BJ Freeman bjf...@free-man.net: ACCEPT tcp -- localhostlocalhost tcp dpt:postgres state NEW What about established connections? tcp0 0 127.0.0.1:5432 0.0.0.0:* LISTEN is the only line for that port I think Chris meant What about iptables rules for established connection? ... Cheers, Andrej -- BJ Freeman http://www.businessesnetwork.com/automation http://bjfreeman.elance.com http://www.linkedin.com/profile?viewProfile=key=1237480locale=en_UStrk=tab_pro Systems Integrator. -- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
Re: [GENERAL] another can't connect
BJ Freeman bjf...@free-man.net writes: sorry about the post did not do a reply all and sent a personal replay yes in the chain I have ACCEPT all -- anywhere anywherestate RELATED,ESTABLISHED it is the next to last rule. You sure that works? This notation for iptables isn't familiar to me, but I'd have thought you have to specify the state module. The comparable line in my iptables looks like -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT Come to think of it, the state NEW test in your other line would have to addressed to the state module as well. BTW, usual practice is to put the established-connections rule near the start of the chain, not the end, on the grounds that the majority of packets the kernel will see will match this rule and so you want to test it sooner rather than later. regards, tom lane -- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
[GENERAL] another can't connect
PostgreSQL version 8.1.11 (With schemas) I have read the recent emails and believe I have covered all the bases from net stat tcp0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 5091/postmaster I do a psql -h 127.0.0.1 -U ofbiz -d ofbiz from a terminal on the server. and get this after a time psql: could not connect to server: Connection timed out Is the server running on host 127.0.0.1 and accepting TCP/IP connections on port 5432? Note this was working till about Fri. then only thing I have been doing is adding to my IPtables. this is my Iptables hain INPUT (policy ACCEPT) target prot opt source destination LOGall -- anywhere anywhereLOG level debug prefix `BANDWIDTH_IN:' DROP icmp -- anywhere anywhere REJECT tcp -- anywhere anywheretcp dpt:5868 reject-with icmp-port-unreachable ACCEPT tcp -- anywhere anywheretcp dpt:ndmp ACCEPT tcp -- localhostlocalhost tcp dpt:postgres state NEW RH-Firewall-1-INPUT all -- anywhere anywhere REJECT all -- anywhere anywherereject-with icmp-port-unreachable there is not filtering on output. -- BJ Freeman http://www.businessesnetwork.com/automation http://bjfreeman.elance.com http://www.linkedin.com/profile?viewProfile=key=1237480locale=en_UStrk=tab_pro Systems Integrator. -- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
Re: [GENERAL] another can't connect
BJ Freeman wrote: PostgreSQL version 8.1.11 (With schemas) I have read the recent emails and believe I have covered all the bases from net stat tcp0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 5091/postmaster I do a psql -h 127.0.0.1 -U ofbiz -d ofbiz from a terminal on the server. and get this after a time psql: could not connect to server: Connection timed out Is the server running on host 127.0.0.1 and accepting TCP/IP connections on port 5432? Note this was working till about Fri. then only thing I have been doing is adding to my IPtables. ACCEPT tcp -- localhostlocalhost tcp dpt:postgres state NEW What about established connections? -- Postgresql php tutorials http://www.designmagick.com/ -- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
Re: [GENERAL] another can't connect
tcp0 0 127.0.0.1:5432 0.0.0.0:* LISTEN is the only line for that port Chris sent the following on 6/28/2009 7:33 PM: BJ Freeman wrote: PostgreSQL version 8.1.11 (With schemas) I have read the recent emails and believe I have covered all the bases from net stat tcp0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 5091/postmaster I do a psql -h 127.0.0.1 -U ofbiz -d ofbiz from a terminal on the server. and get this after a time psql: could not connect to server: Connection timed out Is the server running on host 127.0.0.1 and accepting TCP/IP connections on port 5432? Note this was working till about Fri. then only thing I have been doing is adding to my IPtables. ACCEPT tcp -- localhostlocalhost tcp dpt:postgres state NEW What about established connections? -- BJ Freeman http://www.businessesnetwork.com/automation http://bjfreeman.elance.com http://www.linkedin.com/profile?viewProfile=key=1237480locale=en_UStrk=tab_pro Systems Integrator. -- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
Re: [GENERAL] another can't connect
Please don't top-post, it's so hard to follow discussions. Chris sent the following on 6/28/2009 7:33 PM: BJ Freeman wrote: PostgreSQL version 8.1.11 (With schemas) I have read the recent emails and believe I have covered all the bases from net stat tcp0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 5091/postmaster I do a psql -h 127.0.0.1 -U ofbiz -d ofbiz from a terminal on the server. and get this after a time psql: could not connect to server: Connection timed out Is the server running on host 127.0.0.1 and accepting TCP/IP connections on port 5432? Note this was working till about Fri. then only thing I have been doing is adding to my IPtables. ACCEPT tcp -- localhostlocalhost tcp dpt:postgres state NEW What about established connections? tcp0 0 127.0.0.1:5432 0.0.0.0:* LISTEN is the only line for that port established connections for the firewall, not just new connections. see man iptables, --ctstate . -- Postgresql php tutorials http://www.designmagick.com/ -- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
Re: [GENERAL] another can't connect
2009/6/29 BJ Freeman bjf...@free-man.net: ACCEPT tcp -- localhostlocalhost tcp dpt:postgres state NEW What about established connections? tcp0 0 127.0.0.1:5432 0.0.0.0:* LISTEN is the only line for that port I think Chris meant What about iptables rules for established connection? ... Cheers, Andrej -- Please don't top post, and don't use HTML e-Mail :} Make your quotes concise. http://www.american.edu/econ/notes/htmlmail.htm -- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
Re: [GENERAL] another can't connect
sorry about the post did not do a reply all and sent a personal replay yes in the chain I have ACCEPT all -- anywhere anywherestate RELATED,ESTABLISHED it is the next to last rule. Andrej sent the following on 6/28/2009 8:14 PM: 2009/6/29 BJ Freeman bjf...@free-man.net: ACCEPT tcp -- localhostlocalhost tcp dpt:postgres state NEW What about established connections? tcp0 0 127.0.0.1:5432 0.0.0.0:* LISTEN is the only line for that port I think Chris meant What about iptables rules for established connection? ... Cheers, Andrej -- BJ Freeman http://www.businessesnetwork.com/automation http://bjfreeman.elance.com http://www.linkedin.com/profile?viewProfile=key=1237480locale=en_UStrk=tab_pro Systems Integrator. -- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
