Postgres 9.6.1 accepts connections from not allowed Ip addresses

From: Jan Ogrodowczyk <Jan(dot)Ogrodowczyk(at)qlik(dot)com>
To: "pgsql-bugs(at)postgresql(dot)org" <pgsql-bugs(at)postgresql(dot)org>
Subject: Postgres 9.6.1 accepts connections from not allowed Ip addresses
Date: 2016-11-17 10:58:52
Message-ID: DM5PR18MB1305B3883BB865DC8F6BD55483B10@DM5PR18MB1305.namprd18.prod.outlook.com
Lists: pgsql-bugs

Hi, I wanted to report a bug that I found while using postgres 9.6.1.

Summary: The database accepts connections from addresses that were previously allowed but later on have been excluded in the postgresql.conf & pg_hba.conf files.

Step by step

1. Set up an environment where the postgresql.conf file is set to "listen_addresses = '*'" and pg_hba.conf includes the following line "host all all 0.0.0.0/0 md5" (This is just an example; the issue can be reproduced with a range of other IP addresses, like your local host).

2. Connect your application to the database and make sure everything is up and running.

3. Exclude the IP address that is connected to the database from pg_hba.conf or listen_addresses. E.g., if your application uses IP address 192.168.1.1, comment out (add a # or remove the entire row) the row you added in step 1 in the pg_hba.conf file and/or change listen_addresses to 'localhost'. Restart the service postgresql-x64-9.6 to be sure that the new settings are active.

4. The application is still connected to the database even though the access should be denied. As a matter of fact, you are still able to write data to the database. Only when the remote application shuts its connection down and re-connects is it rejected by postgres.

This issue cannot be reproduced on postgres 9.3.
OS: Windows 10

Best Regards Jan Ogrodowczyk, if you have any questions do not hesitate to ask.
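
An added example, not part of the original message: pg_hba.conf rules are applied when a connection authenticates, so one audit after tightening the file is to compare the open sessions against the current rules. The pg_hba.conf text and session rows below are constructed, the function names are hypothetical, and the database and user columns are ignored for simplicity.

```python
import ipaddress

# Constructed sample: pg_hba.conf after the 0.0.0.0/0 rule from step 1 was commented out.
SAMPLE_HBA = """\
# TYPE  DATABASE  USER  ADDRESS                  METHOD
#host   all       all   0.0.0.0/0                md5
host    all       all   127.0.0.1/32             md5
host    all       all   10.0.0.0  255.255.255.0  md5
"""
# Constructed rows shaped like: SELECT pid, client_addr FROM pg_stat_activity;
SAMPLE_SESSIONS = [(4120, "192.168.1.1"), (4188, "127.0.0.1"),
                   (4203, "10.0.0.17"), (4300, None)]
HOST_TYPES = {"host", "hostssl", "hostnossl"}

def host_rules(hba_text):
    """Return (network, method) for active host* rules, in file order."""
    rules = []
    for raw in hba_text.splitlines():
        f = raw.split("#", 1)[0].split()  # drop comments, split columns
        if len(f) < 5 or f[0] not in HOST_TYPES:
            continue
        if f[3] == "all":  # keyword "all" matches every client address
            rules += [(ipaddress.ip_network(n), f[4]) for n in ("0.0.0.0/0", "::/0")]
            continue
        try:
            if "/" in f[3]:  # CIDR form
                rules.append((ipaddress.ip_network(f[3], strict=False), f[4]))
            elif len(f) >= 6:  # address followed by a separate netmask column
                rules.append((ipaddress.ip_network(f"{f[3]}/{f[4]}", strict=False), f[5]))
        except ValueError:
            continue  # host names, samehost, samenet: not handled here
    return rules

def stale_sessions(hba_text, sessions):
    """Sessions whose client address the current rules would no longer admit."""
    rules, stale = host_rules(hba_text), []
    for pid, client_addr in sessions:
        if client_addr is None:  # no TCP peer (e.g. background process)
            continue
        ip = ipaddress.ip_address(client_addr)
        # pg_hba.conf is first-match: only the first matching rule decides
        method = next((m for net, m in rules if ip in net), None)
        if method is None or method == "reject":
            stale.append((pid, client_addr))
    return stale

if __name__ == "__main__":
    for pid, addr in stale_sessions(SAMPLE_HBA, SAMPLE_SESSIONS):
        print(f"pid {pid} from {addr}: review, then SELECT pg_terminate_backend({pid});")
```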
