| From: | Greg Stark <gsstark(at)mit(dot)edu> |
|---|---|
| To: | Andrew McMillan <andrew(at)morphoss(dot)com> |
| Cc: | dimitris(dot)sakellarios(at)telesuite(dot)gr, pgsql-php(at)postgresql(dot)org |
| Subject: | Re: How to select the source ip address for a connection to the database server |
| Date: | 2009-09-03 12:51:16 |
| Message-ID: | 407d949e0909030551x4d5374bo4311583d80e67eb2@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-php |
On Thu, Sep 3, 2009 at 12:31 PM, Andrew McMillan<andrew(at)morphoss(dot)com> wrote:
> Nope, unless you're root you're unlikely to be able to choose the source
> address for your connection, and even then it would be tricky.
I don't think you need to be root to select a source address. But
that's not helpful since libpq doesn't support binding to a particular
interface. That would be a useful feature and we should probably add
it to the TODO.
You should note that the source address isn't actually a very secure
way to protect your connections since any other host on that network
could spoof your address.
It sounds like what you're looking for is to control the interface the
packets are routed through. This is separate from the source address
as packets are often routed through multiple hosts along their way.
Routing rules are not something individual applications normally get
involved in. If the connections are being routed through the wrong
interface then you have a global problem, not just with the database
and it requires system-wide configuration changes.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dustin Butler | 2009-09-03 13:32:21 | Re: How to select the source ip address for a connection to the database server |
| Previous Message | Andrew McMillan | 2009-09-03 11:31:28 | Re: How to select the source ip address for a connection to the database server |