| From: | Bo Peng <pengbo(at)sraoss(dot)co(dot)jp> |
|---|---|
| To: | "pgpool-hackers(at)lists(dot)postgresql(dot)org" <pgpool-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Proposal: Restrict watchdog and heartbeat receiver to listen only on configured addresses |
| Date: | 2025-08-18 00:30:00 |
| Message-ID: | TYWP286MB2633B3C651030A0A658D2597F236A@TYWP286MB2633.JPNP286.PROD.OUTLOOK.COM |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgpool-hackers |
Currently, both the watchdog and heartbeat receiver processes listen on all interfaces.
tcp 0 0 0.0.0.0:9000 0.0.0.0:* LISTEN 1428/pgpool: watchd
udp 0 0 0.0.0.0:9694 0.0.0.0:* 1453/pgpool: heartb
udp 0 0 0.0.0.0:9694 0.0.0.0:* 1444/pgpool: heartb
For security reasons, I propose to change this behavior so that they listen only on the addresses
specified by hostname and heartbeat_hostname.
tcp 0 0 192.168.101.101:9000 0.0.0.0:* LISTEN 727648/pgpool: watc
udp 0 0 192.168.101.101:9694 0.0.0.0:* 727664/pgpool: hear
udp 0 0 192.168.101.101:9694 0.0.0.0:* 727660/pgpool: hear
Patch is attached.
---
Bo Peng <pengbo(at)sraoss(dot)co(dot)jp>
SRA OSS K.K.
TEL: 03-5979-2701 FAX: 03-5979-2702
Mobile: 080-7752-0749
URL: https://www.sraoss.co.jp/
| Attachment | Content-Type | Size |
|---|---|---|
| watchdog_lifecheck_listen_addr_v1.patch | application/octet-stream | 11.1 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tatsuo Ishii | 2025-08-18 12:51:06 | Re: Proposal: recent access based routing for primary-replica setups |
| Previous Message | Nadav Shatz | 2025-08-17 13:27:59 | Proposal: recent access based routing for primary-replica setups |