Re: Acess Control !

Good morning pinker,

Thank you for approch, but i maked this teste:

1. Reject xpto connection from all adress and after acept xpto
connection from this adress - result = work good (lock connection for
xtpo come from other adress and acept from this adress)

# TYPE DATABASE USER ADDRESS METHOD
>
> host xpto system 10.72.18.0/24
> reject
>
> host xpto system 0.0.0.0/0
reject
host xpto system 10.75.15.60/32 md5

host all all *0.0.0.0/0
<http://0.0.0.0/0>* md5

1. acept xpto connection from especific adress and after reject from
all connection - result = (acept all connection, that come from all
adress )

# TYPE DATABASE USER ADDRESS METHOD
>
> host xpto system 10.75.15.60/32 md5
>
> host all all *0.0.0.0/0
<http://0.0.0.0/0>* md5
host xpto system
10.72.18.0/24 reject
host xpto system 0.0.0.0/0
reject

So, maybe the read come from up to down? or have other explanation? i don't
know, i use postgres 9.4.

2017-10-03 20:55 GMT-01:00 pinker <pinker(at)onet(dot)eu>:

> be careful with order change. This proposed by Scott was correct; yours
> will
> reject all the connections made by user system to xpto. Documentation says:
>
> > The first record with a matching connection type, client address,
> > requested database, and user name is used to perform authentication.
> There
> > is no "fall-through" or "backup": if one record is chosen and the
> > authentication fails, subsequent records are not considered.
>
>
>
>
>
> --
> Sent from: http://www.postgresql-archive.org/PostgreSQL-admin-f2076596.
> html
>
>
> --
> Sent via pgsql-admin mailing list (pgsql-admin(at)postgresql(dot)org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-admin
>