So I'm working on a ruby on rails project with a team, and they use ubuntu through vagrant to host the database (in postgresql), so all the rails commands are still executed from the host machine (windows).
Basically, I'm having troubles connecting the two ends, everytime I try to go on any page, it tells me
PG::ConnectionBad
could not connect to server: Cannot assign requested address (0x00002741/10049) Is the server running on host "0.0.0.0" and accepting TCP/IP connections on port 6543?
The Vagrantfile forwards the port 6543 to 5432
config.vm.network :forwarded_port, guest: 5432, host: 6543
and when I ssh into vagrant, it does indeed seem to be listening on that port:
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN
I don't know what's not working, I've even tried disabling the firewall to check whether that was the issue, but it wasn't.
I welcome any help that can be offered.
Thank you
EDIT: After reading this, I looked at my pg_hba.conf file, but it looks like it's allowing all connections:
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 0.0.0.0/0 trust
# IPv6 local connections:
host all all ::/0 trust
Related
My setup is:
Debian, Docker
Host machine running Protonmail Bridge as a service
Docker container running Discourse with their default recommended setup
Issue: From the Docker container, I cannot connect to the SMTP server exposed by the Protonmail Bridge on the host machine.
I checked open ports on the host machine, all good:
ss -plnt
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 4096 127.0.0.1:1025 0.0.0.0:* users:(("proton-bridge",pid=953,fd=12))
How I test
Host machine:
openssl s_client -connect 127.0.01:1025 -starttls smtp
Works.
Docker container:
openssl s_client -connect 172.17.0.1:1025 -starttls smtp
Connection refused.
I’m wondering if the Protonmail Bridge service that’s listening on 127.0.0.1:1025 is not accepting connections from the Docker container because they are not coming from 127.0.0.1 exactly? If this is the problem, how to validate and fix? If this is not the problem, what am I doing wrong?
Other tests
nmap 127.0.0.1 on the host machine outputs:
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000010s latency).
Not shown: 997 closed ports
PORT STATE SERVICE
22/tcp open ssh
1025/tcp open NFS-or-IIS
1042/tcp open afrog
Note that it lists the open port 1025.
nmap 172.17.0.1 in the docker container does not output any 1025 port. I'm not sure if this is the problem either.
Output of route in the Docker container:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 172.17.0.1 0.0.0.0 UG 0 0 0 eth0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
This may be impossible currently, but should be solved by this pull request.
If you're comfortable compiling the proton-bridge package from source, you only have to change 1 line in the internal/bridge/constants.go file to say
Host = '127.0.0.1'
To
Host = '0.0.0.0'
Then recompile with make build-nogui (to build the "headless" version).
And you should be good to go!
I have a stack with docker-compose running on a VM.
Here is a sample output of my netstat -tulpn on the VM
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:9839 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:8484 0.0.0.0:* LISTEN
The docker is able to communicate with port 9839 (using 172.17.0.1) but not with port 8484.
Why is that?
That's because the program listening on port 8484 is bound to 127.0.0.1 meaning that it'll only accept connections from localhost.
The one listening on 9839 has bound to 0.0.0.0 meaning it'll accept connections from anywhere.
To make the one listening on 8484 accept connections from anywhere, you need to change what it's binding to. If it's something you've written yourself, you can change it in code. If it's not, there's probably a configuration setting your can set.
I’m using digitalocean to host my website and I'm trying to open the port 8832 and 587 without any success. I created a firewall in the control panel and added these to the inbound and outbound rules:
Custom TCP 587 All IPv4 All IPv6
Custom TCP 8832 All IPv4 All IPv6
HTTP TCP 80 All IPv4 All IPv6
HTTPS TCP 443 All IPv4 All IPv6
I also disabled ufw in my droplet:
ufw status verbose
Status: inactive
I also rebooted the droplet. However it seems to still block the ports 587 and 8832. Interestingly the ports 443 and 80 for the webserver are open. Can someone tell my why I can’t open these specific ports?
this affects the ip: 165.232.76.115
I figured out how to solve it by myself. I had to remove the firewall in the control panel and used the ufw software firewall instead. Don’t know why the control panel firewall didn’t work properly or maybe I used it wrong.
I have a fairly simple Rails app that connect to Postgres server (locally).
Uptil now, I was under the impression if not specified (socket in the database.yml) the pg client connect with postgres over TCP on a loopback interface.
Fyi,this is how my configuration looks like.
{:adapter=>"postgresql", :encoding=>"unicode", :database=>"scp_development"}
But I think I was wrong I can't sniff any packet over the loopback interface at port 5432.
sudo tcpdump -nnvvXSs 1514 -i lo0 dst port 5432
Which is letting me believe that it working over Unix domain socket.
So, is there a fairly reliable way to determine ...
Whether I'm connected to TCP socket or Unix socket?
There is server being set-up for one of my client, after installations of postgres when we run
the server we are encountering the error below. When I goggled for it there were a few solutions available but none worked for me, could you look into it and say what's happening.
Status: 500 Internal Server Error
FATAL: no pg_hba.conf entry for host "127.0.0.1", user "syr_admin", database "allprosh_production", SSL off
My pg_hba.conf file:
local all all md5
host samerole all 127.0.0.200 255.255.255.255 pam pamservice=postgresql_cpses
host samerole all 127.0.0.1 255.255.255.255 md5
local all postgres md5
host all postgres 127.0.0.1 255.255.255.255 md5
local all all trust
Thanks in Advance.
I figured it out myself, though it took a long time. The solution was simple, I just had to add an entry in the pg_hba.conf file for that particular user. This is what I did:
local all syr_admin md5
host all syr_admin 127.0.0.1 255.255.255.255 md5
Hope this helps others... :-)
I think that the just configuration is:
# IPv4 local connections:
host all all 127.0.0.1/32 md5
host all all 0.0.0.0/0 md5
If you want connect by other network use:
host all all network address/32 md5
use the two octet 192.159.0.0 for example
I reply here cause I can't comment your solution.
It is not mandatorry to add the entry to that specific user only. You can replace the option "samerole" with the database or all.
I'm seeing that 2 of the lines that you have are collisioning each other.
local all all md5
local all all trust
In this case, last line wins, so be careful to add unexpected behaviors on your access methods. If you want to ask the password for the universe on local, you must delete the last line.
Hope that this helps !
For the localhost authentification on PostgreSQL with the user postgres , your hba.conf must have this line :
# IPv6 local connections:
host all postgres ::1/128 trust
For to be sure, you can add this other line :
# IPv4 local connections:
host all postgres 127.0.0.1/32 trust
Note : You can change the method ao authentification from trust to md5 .