Hi Timmy
You need to use CIDR form in your pg_hba.conf. So:
host all testuser 111.222.333.444/32 md5
Most likely you would probably want to ensure ssl connection if coming
over untrusted network. So, at minimum, this is better:
hostssl all testuser 111.222.333.444/32 md5
This is better still:
hostssl testdb testuser 111.222.333.444/32 md5
Better still (IMHO) is to keep it local and use ssh tunnel, but I
understand that might be difficult and not necessarily desirable,
depending on the context.
Regards
Bob
On Wed, 9 Oct 2019 at 13:34, Timmy Siu <timmy.siu@aol.com> wrote:
>
> Dear All Users,
>
> How do I allow an external client IP address access to my pgsql server?
>
> According to my own experience and test, if I set the external client IP address to, for example, 111.222.333.444 in
thefile /etc/postgresql/11/main/pg_hba.conf, it will not be able to connect to the server:
> #TYPE?????? DATABASE?????? ?? USER?????? ?????? ?????? ADDRESS?????? ?????? ?????? METHOD
> host?????? all?????? ?????? ?????? testuser ???? ?????? 111.222.333.444?????? md5
>
> I must set "address" to "any" as in the following:
> #TYPE?????? DATABASE?????? ?? USER?????? ?????? ?????? ADDRESS?????? ?????? METHOD
> host?????? all?????? ?????? ?????? testuser ???? ?????? 0.0.0.0/0?????? ?? md5
>
>
> Can I limit access to my pgsql server through TCP Wrapper? What is the related executable?
>
>
> Regards,
> Timmy
>
> ??