Re: Proposal: Restrict watchdog and heartbeat receiver to listen only on configured addresses

public inbox for [email protected]  
help / color / mirror / Atom feed

From: Bo Peng <[email protected]>
To: [email protected] <[email protected]>
Subject: Re: Proposal: Restrict watchdog and heartbeat receiver to listen only on configured addresses
Date: Fri, 22 Aug 2025 04:41:55 +0000
Message-ID: <TYWP286MB2633F9922C322CB9D423B2A9F23DA@TYWP286MB2633.JPNP286.PROD.OUTLOOK.COM> (raw)
In-Reply-To: <TYWP286MB2633B3C651030A0A658D2597F236A@TYWP286MB2633.JPNP286.PROD.OUTLOOK.COM>
References: <TYWP286MB2633B3C651030A0A658D2597F236A@TYWP286MB2633.JPNP286.PROD.OUTLOOK.COM>

Patch committed:

https://git.postgresql.org/gitweb/?p=pgpool2.git;a=commit;h=94b62a93c149bdaa7c546e387e479c287d3e10f9


________________________________________
差出人: Bo Peng <[email protected]>
送信: 2025 年 8 月 18 日 (月曜日) 9:30
宛先: [email protected] <[email protected]>
件名: Proposal: Restrict watchdog and heartbeat receiver to listen only on configured addresses


Currently, both the watchdog and heartbeat receiver processes listen on all interfaces.

    tcp         0      0 0.0.0.0:9000            0.0.0.0:*               LISTEN      1428/pgpool: watchd 
    udp        0      0 0.0.0.0:9694            0.0.0.0:*                                1453/pgpool: heartb 
    udp        0      0 0.0.0.0:9694            0.0.0.0:*                                1444/pgpool: heartb

For security reasons, I propose to change this behavior so that they listen only on the addresses
specified by hostname and heartbeat_hostname.

    tcp         0      0 192.168.101.101:9000      0.0.0.0:*               LISTEN      727648/pgpool: watc
    udp        0      0 192.168.101.101:9694      0.0.0.0:*                                727664/pgpool: hear 
    udp        0      0 192.168.101.101:9694      0.0.0.0:*                                727660/pgpool: hear

Patch is attached.
---
Bo Peng <[email protected]>
SRA OSS K.K.
TEL: 03-5979-2701 FAX: 03-5979-2702
Mobile: 080-7752-0749
URL: https://www.sraoss.co.jp/

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected]
  Subject: Re: Proposal: Restrict watchdog and heartbeat receiver to listen only on configured addresses
  In-Reply-To: <TYWP286MB2633F9922C322CB9D423B2A9F23DA@TYWP286MB2633.JPNP286.PROD.OUTLOOK.COM>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox