0

我在 CentOS 6.6 系统上安装了 postgres-9.4 数据库服务器。我正在尝试从我的笔记本电脑连接到这个服务器(连接到同一个网络。笔记本电脑的 ip 是 192.168.1.105。我正在运行psql -U postgres -h 192.168.1.52)。psql 命令失败并显示错误消息:

psql -U postgres -h 192.168.1.52
could not connect to server: COnnection refused
Is the server running on host 192.168.1.52 and accepting TCP/IP connection on port 5432?

我的配置:/var/lib/pgsql/9.4/data/pg_hba.conf

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     peer
# IPv4 local connections:
host    all             all             127.0.0.1/32            trust
host    all             all             192.168.0.0/16          trust
host    all             all             0.0.0.0/0               trust
# IPv6 local connections:
host    all             all             ::1/128                 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local   replication     postgres                                peer
#host    replication     postgres        127.0.0.1/32            ident
#host    replication     postgres        ::1/128                 ident

/etc/sysconfig/iptables:

# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A INPUT -m state --state NEW -m tcp -p tcp --dport 5432 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
COMMIT

我已经重新启动了 iptables 服务。

/var/lib/pgsql/9.4/data/postgresql.conf

listen_addresses = '*'
port = 5432

我重新启动服务器如下:

[root@cinch-database1 9.4]# service postgresql-9.4 restart
Stopping postgresql-9.4 service:                           [  OK  ]
Starting postgresql-9.4 service:                           [  OK  ]

ps aux 和 grep postgres 返回以下内容:

ps auxwww | grep postgres
postgres 11460  0.0  0.0 325096 14860 ?        S    01:36   0:00 /usr/pgsql-9.4/bin/postmaster -D /var/lib/pgsql/9.4/data
postgres 11463  0.0  0.0 180244  1264 ?        Ss   01:36   0:00 postgres: logger process                                
postgres 11465  0.0  0.0 325096  1564 ?        Ss   01:36   0:00 postgres: checkpointer process                          
postgres 11466  0.0  0.0 325096  2544 ?        Ss   01:36   0:00 postgres: writer process                                
postgres 11467  0.0  0.0 325096  1496 ?        Ss   01:36   0:00 postgres: wal writer process                            
postgres 11468  0.0  0.0 325508  2340 ?        Ss   01:36   0:00 postgres: autovacuum launcher process                   
postgres 11469  0.0  0.0 180376  1476 ?        Ss   01:36   0:00 postgres: stats collector process                       
root     11516  0.0  0.0 103252   844 pts/0    S+   01:41   0:00 grep postgres

当我在服务器上执行 netstat 并 grep 获取 5432 时,我什么也得不到:

netstat | grep 5432

netstat -tulnp返回这个:

tcp        0      0 0.0.0.0:5432                0.0.0.0:*                   LISTEN      13227/postmaster

'netstat -l|grep postgres' 的输出

[root@cinch-database1 pg_log]# netstat -l|grep postgres
tcp        0      0 *:postgres                  *:*                         LISTEN      
tcp        0      0 *:postgres                  *:*                         LISTEN

但如前所述,我笔记本电脑上的 psql 无法连接到服务器。

我错过了什么?

4

2 回答 2

1

这是一个防火墙问题。我不得不在序列的前面移动 iptables 文件中的以下两行:

-A INPUT -m state --state NEW -m tcp -p tcp --dport 5432 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

新的iptables:

# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 5432 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

在此之后我重新启动了 iptables 服务:

service iptables restart

现在我可以从我的笔记本电脑连接到 postgres。

于 2014-12-31T09:30:17.503 回答
0

防火墙似乎阻止了您的连接,因此请尝试使用以下方法禁用防火墙:

sudo service iptables stop

然后如果通过,请正确设置。

于 2014-12-31T10:34:14.200 回答