On 06/19/2011 12:07 PM, David Resnick wrote:
Hi, I have a posgres instance configured to listen at the localhost default. I'm trying to enable port forwarding via iptables. I set up the following rule: iptables -t nat -I PREROUTING --source 0/0 --destination 0/0 -p tcp --dport 5432 -j REDIRECT and can see that it is redirecting packets received at port 5432. But I am unable to establish a remote connection to the postgres instance.
The arguments "0/0" to source and destination make absolutely no sense. I assume you're trying to hide the real values? If not, there's your problem.
If your real rule has real IPs and ports, then you have other rules getting in the way. If iptables is correctly configured you should be getting a working connection. Most likely you have a port-based or IP-based OUTPUT or FORWARD rule that's dropping reply packets.
Use wireshark on the postgresql server to see whether it receives the transformed packets and if so whether it tries to reply to them. See what address and port is in the reply. Enable connection logging in postgresql and see if it logs any connection attempts.
-- Craig Ringer -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
