Open Source RDBMS - Seamless, Scalable, Stable and Free

한국어 | Login |Register


1
(click on this box to dismiss)

How can I block all connections?(solved)

Hi,

How can I block all incoming connections? I want only accept connections from localhost.


link comment (0)
asked 2 years ago
castle79
60
1 Answer
2

Limiting Database Server Access 
Description 
To limit brokers and the CSQL Interpreter connecting to the database server, configure the parameter value of
access_ip_control in the cubrid.conf file to yes and enter the path of a file in which the list of IP addresses allowed to
access the access_ip_control_file parameter value is written. You should enter the absolute file path. If you enter the
relative path, the system will search the file under the $CUBRID/conf directory on Linux and under
the %CUBRID%\conf directory on Windows.

The following example shows how to configure the cubrid.conf file.
# cubrid.conf
access_ip_control=yes
access_ip_control_file="/home1/cubrid1/CUBRID/db.access"
The following example shows the format of the access_ip_control_file file.
[@<db_name>]
<ip_addr>

•  <db_name> : The name of a database in which access is allowed
•  <ip_addr> : The IP address allowed to access a database. Using an asterisk (*) at the last digit means that all IP
addresses are allowed. Several lines of <ip_addr> can be added in the next line of the name of a database.
To configure several databases, it is possible to specify additional [@<db_name>] and <ip_addr>.
Accessing any IP address except localhost is blocked by server if access_ip_control is configured to yes but
ip_control_file is not configured. A server will not run if analyzing access_ip_control_file fails caused by incorrect
format.
The following example shows access_ip_control_file.
[@dbname1]
10.10.10.10
10.156.*
 
[@dbname2]
*
 
[@dbname3]
192.168.1.15
The example above shows that dbname1 database allows the access of IP addresses starting with 10.156; dbname2
database allows the access of every IP address; dbname3 database allows the access of an IP address, 192.168.1.15, only.
For the database which has already been running, you can modify a configuration file or you can check the currently
applied status by using the following commands.
Syntax 
To change the contents of access_ip_control_file and apply it to server, use the following command.

Syntax 
To change the contents of access_ip_control_file and apply it to server, use the following command.
cubrid server acl reload <database_name>
•  database_name : Database name
To display the IP configuration of a sever which is currently running, use the following command.
cubrid server acl status <database_name>
•  database_name : Database name
Database Server Log 
The following log is created in the file of a server error log if an IP address that is not allowed to access is used.
Time: 10/29/10 17:32:42.360 - ERROR *** ERROR CODE = -1022, Tran = 0, CLIENT =
(unknown):(unknown)(-1), EID = 2
Address(10.24.18.66) is not authorized.
Note For details on how to limit an access to the broker server, see Limiting Broker Server Access.

link comment (1)
answered 2 years ago
castle79
60




You are either using a very old browser or a browser that is not supported.
In order to browse cubrid.org you need to have one of the following browsers:



Internet Explorer: Mozilla Firefox: Google Chrome: