Good morning pinker,
Thank you for approch, but i maked this teste:
- Reject xpto connection from all adress and after acept xpto connection from this adress - result = work good (lock connection for xtpo come from other adress and acept from this adress)
# TYPE DATABASE USER ADDRESS METHOD
host xpto system 10.72.18.0/24 reject
host xpto system 0.0.0.0/0 reject
host xpto system 10.75.15.60/32 md5
host all all 0.0.0.0/0 md5
- acept xpto connection from especific adress and after reject from all connection - result = (acept all connection, that come from all adress )
# TYPE DATABASE USER ADDRESS METHOD
host xpto system 10.75.15.60/32 md5
host all all 0.0.0.0/0 md5
So, maybe the read come from up to down? or have other explanation? i don't know, i use postgres 9.4.
2017-10-03 20:55 GMT-01:00 pinker <pinker@xxxxxxx>:
be careful with order change. This proposed by Scott was correct; yours will
reject all the connections made by user system to xpto. Documentation says:
> The first record with a matching connection type, client address,
> requested database, and user name is used to perform authentication. There
> is no "fall-through" or "backup": if one record is chosen and the
> authentication fails, subsequent records are not considered.
--
Sent from: http://www.postgresql-archive.org/PostgreSQL-admin-f2076596. html
--
Sent via pgsql-admin mailing list (pgsql-admin@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
