Quantcast

SQuirrel connection problem to Postgres database

classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

SQuirrel connection problem to Postgres database

Markus Metz
Dear all:

I am in the trouble shooting mode and need to start somewhere.So I am turning to you for some advice.
I searched the web and all what I tried did not work. So please bear with me:

I trying to access a database on a linux machine from a windows computer using SQuirrel:
postgres version 9.4.5
Squirrell version 3.7

However, I am getting the error message on SQuirrel:
This is the error message I am getting:

Java.util.concurrent.ExecutionException: java.lang.RuntimeException: org.postgresql.util.PSQLException: Connection to 10.2.44.27:5432 refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.
at java.util.concurrent.FutureTask.report(Unknown Source)
at java.util.concurrent.FutureTask.get(Unknown Source)
at net.sourceforge.squirrel_sql.client.mainframe.action.OpenConnectionCommand.awaitConnection(OpenConnectionCommand.java:132)
at net.sourceforge.squirrel_sql.client.mainframe.action.OpenConnectionCommand.access$100(OpenConnectionCommand.java:45)
at net.sourceforge.squirrel_sql.client.mainframe.action.OpenConnectionCommand$2.run(OpenConnectionCommand.java:115)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

This is what I have done on the postgres front:
a) Changed postgresql.conf: listen_addresses = '*'
b) edited pg_hba.conf: host all all 127.0.0.1/32 trust
    host all all 0.0.0.0/0 trust
c) The server is running and listening at the correct port (5432) on the linux site:
   ps -efl | grep postgres
    netstat -nlp | grep postgres

In SQirrell I installed the postgres driver and created an alias defining
jdbc:postgresql://hostname/db

Do you happen to know what is going on?

Any input is highly appreciated,

Markus



------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Squirrel-sql-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/squirrel-sql-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: SQuirrel connection problem to Postgres database

Alexandre Peshansky
Can you 
telnet 10.2.44.27 5432
from your Windows machine? In other words, is DB server reachable on this port?
Also, I'm not Postgress expert, but do the settings in pg_hba.conf
host all all 0.0.0.0/0 trust
really mean "accept connection from any IP address"?

Sent from my iPhone

On Apr 21, 2016, at 3:20 PM, Markus Metz <[hidden email]> wrote:

Dear all:

I am in the trouble shooting mode and need to start somewhere.So I am turning to you for some advice.
I searched the web and all what I tried did not work. So please bear with me:

I trying to access a database on a linux machine from a windows computer using SQuirrel:
postgres version 9.4.5
Squirrell version 3.7

However, I am getting the error message on SQuirrel:
This is the error message I am getting:

Java.util.concurrent.ExecutionException: java.lang.RuntimeException: org.postgresql.util.PSQLException: Connection to 10.2.44.27:5432 refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.
at java.util.concurrent.FutureTask.report(Unknown Source)
at java.util.concurrent.FutureTask.get(Unknown Source)
at net.sourceforge.squirrel_sql.client.mainframe.action.OpenConnectionCommand.awaitConnection(OpenConnectionCommand.java:132)
at net.sourceforge.squirrel_sql.client.mainframe.action.OpenConnectionCommand.access$100(OpenConnectionCommand.java:45)
at net.sourceforge.squirrel_sql.client.mainframe.action.OpenConnectionCommand$2.run(OpenConnectionCommand.java:115)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

This is what I have done on the postgres front:
a) Changed postgresql.conf: listen_addresses = '*'
b) edited pg_hba.conf: host all all 127.0.0.1/32 trust
    host all all 0.0.0.0/0 trust
c) The server is running and listening at the correct port (5432) on the linux site:
   ps -efl | grep postgres
    netstat -nlp | grep postgres

In SQirrell I installed the postgres driver and created an alias defining
jdbc:postgresql://hostname/db

Do you happen to know what is going on?

Any input is highly appreciated,

Markus


------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Squirrel-sql-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/squirrel-sql-users

------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Squirrel-sql-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/squirrel-sql-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: SQuirrel connection problem to Postgres database

Markus Metz
I can log into the server with ssh according to 

Based on this the port 5432 is available.


My understanding is that "listen_addresses = '*'" takes care of this.

Markus

On Thu, Apr 21, 2016 at 2:06 PM, Alexandre Peshansky <[hidden email]> wrote:
Can you 
telnet 10.2.44.27 5432
from your Windows machine? In other words, is DB server reachable on this port?
Also, I'm not Postgress expert, but do the settings in pg_hba.conf
host all all 0.0.0.0/0 trust
really mean "accept connection from any IP address"?

Sent from my iPhone

On Apr 21, 2016, at 3:20 PM, Markus Metz <[hidden email]> wrote:

Dear all:

I am in the trouble shooting mode and need to start somewhere.So I am turning to you for some advice.
I searched the web and all what I tried did not work. So please bear with me:

I trying to access a database on a linux machine from a windows computer using SQuirrel:
postgres version 9.4.5
Squirrell version 3.7

However, I am getting the error message on SQuirrel:
This is the error message I am getting:

Java.util.concurrent.ExecutionException: java.lang.RuntimeException: org.postgresql.util.PSQLException: Connection to 10.2.44.27:5432 refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.
at java.util.concurrent.FutureTask.report(Unknown Source)
at java.util.concurrent.FutureTask.get(Unknown Source)
at net.sourceforge.squirrel_sql.client.mainframe.action.OpenConnectionCommand.awaitConnection(OpenConnectionCommand.java:132)
at net.sourceforge.squirrel_sql.client.mainframe.action.OpenConnectionCommand.access$100(OpenConnectionCommand.java:45)
at net.sourceforge.squirrel_sql.client.mainframe.action.OpenConnectionCommand$2.run(OpenConnectionCommand.java:115)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

This is what I have done on the postgres front:
a) Changed postgresql.conf: listen_addresses = '*'
b) edited pg_hba.conf: host all all 127.0.0.1/32 trust
    host all all 0.0.0.0/0 trust
c) The server is running and listening at the correct port (5432) on the linux site:
   ps -efl | grep postgres
    netstat -nlp | grep postgres

In SQirrell I installed the postgres driver and created an alias defining
jdbc:postgresql://hostname/db

Do you happen to know what is going on?

Any input is highly appreciated,

Markus


------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Squirrel-sql-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/squirrel-sql-users


------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Squirrel-sql-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/squirrel-sql-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: SQuirrel connection problem to Postgres database

Alexandre Peshansky
Markus,
I believe you misread the article. IMHO it serves to bypass situations like "traffic via port 5432 is blocked". As SQuirreL does not use SSH tunneling, AFAIK, you need to check whether your Windows machine can talk to port 5432 on your Linux machine. 

Sent from my iPhone

On Apr 21, 2016, at 5:10 PM, Markus Metz <[hidden email]> wrote:

I can log into the server with ssh according to 

Based on this the port 5432 is available.


My understanding is that "listen_addresses = '*'" takes care of this.

Markus

On Thu, Apr 21, 2016 at 2:06 PM, Alexandre Peshansky <[hidden email]> wrote:
Can you 
telnet 10.2.44.27 5432
from your Windows machine? In other words, is DB server reachable on this port?
Also, I'm not Postgress expert, but do the settings in pg_hba.conf
host all all 0.0.0.0/0 trust
really mean "accept connection from any IP address"?

Sent from my iPhone

On Apr 21, 2016, at 3:20 PM, Markus Metz <[hidden email]> wrote:

Dear all:

I am in the trouble shooting mode and need to start somewhere.So I am turning to you for some advice.
I searched the web and all what I tried did not work. So please bear with me:

I trying to access a database on a linux machine from a windows computer using SQuirrel:
postgres version 9.4.5
Squirrell version 3.7

However, I am getting the error message on SQuirrel:
This is the error message I am getting:

Java.util.concurrent.ExecutionException: java.lang.RuntimeException: org.postgresql.util.PSQLException: Connection to 10.2.44.27:5432 refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.
at java.util.concurrent.FutureTask.report(Unknown Source)
at java.util.concurrent.FutureTask.get(Unknown Source)
at net.sourceforge.squirrel_sql.client.mainframe.action.OpenConnectionCommand.awaitConnection(OpenConnectionCommand.java:132)
at net.sourceforge.squirrel_sql.client.mainframe.action.OpenConnectionCommand.access$100(OpenConnectionCommand.java:45)
at net.sourceforge.squirrel_sql.client.mainframe.action.OpenConnectionCommand$2.run(OpenConnectionCommand.java:115)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

This is what I have done on the postgres front:
a) Changed postgresql.conf: listen_addresses = '*'
b) edited pg_hba.conf: host all all 127.0.0.1/32 trust
    host all all 0.0.0.0/0 trust
c) The server is running and listening at the correct port (5432) on the linux site:
   ps -efl | grep postgres
    netstat -nlp | grep postgres

In SQirrell I installed the postgres driver and created an alias defining
jdbc:postgresql://hostname/db

Do you happen to know what is going on?

Any input is highly appreciated,

Markus


------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Squirrel-sql-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/squirrel-sql-users


------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Squirrel-sql-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/squirrel-sql-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: SQuirrel connection problem to Postgres database

John Hardin
In reply to this post by Markus Metz
On Thu, 21 Apr 2016, Markus Metz wrote:

> Java.util.concurrent.ExecutionException: java.lang.RuntimeException:
> org.postgresql.util.PSQLException: Connection to 10.2.44.27:5432 refused.

Can you telnet to 10.2.44.27:5432 from the client? Granted you probably
won't be able to talk the postgres protocol, but that would confirm
whether or not you have basic network connectivity.

Just to confirm that squirrel actually is attempting to connect:
immediately after getting that error, on the client run a netstat command.
You *should* see a TCP connection with the database server's IP/name and
port number on the "far end".

You could also run something like "tcpdump -i eth0 tcp port 5432" on your
client (assuming *nix and needed privileges) to see whether it's trying a
network connection.

--
  John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
  [hidden email]    FALaholic #11174     pgpk -a [hidden email]
  key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
   Phobias should not be the basis for laws.
-----------------------------------------------------------------------
  2 days until Max Planck's 158th birthday

------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Squirrel-sql-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/squirrel-sql-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: SQuirrel connection problem to Postgres database

Markus Metz
Hi John and others:

I used nmap:

nmap -p T:5432 localhost

ouput:
Port             state      Service
5432/tcp       open      postgresql

So, the port should be reachable.

I executed the tcpdump command on the linux server and ran squirell. This is the ouput:

14:36:32.1111111 IP hostname.58260 > hostname.postgres: Flags [S], seq 1111111111, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
14:36:35.222222 IP hostname.58260 > hostname.postgres: Flags [S], seq 1111111111, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
14:36:41.222222 IP hostname.58260 > hostname.postgres: Flags [S], seq 1111111111, win 8192, options [mss 1460,nop,nop,sackOK], length 0

Not sure what it means. Can you please help?

Thank you,
Markus

On Thu, Apr 21, 2016 at 2:33 PM, John Hardin <[hidden email]> wrote:
On Thu, 21 Apr 2016, Markus Metz wrote:

Java.util.concurrent.ExecutionException: java.lang.RuntimeException:
org.postgresql.util.PSQLException: Connection to 10.2.44.27:5432 refused.

Can you telnet to 10.2.44.27:5432 from the client? Granted you probably won't be able to talk the postgres protocol, but that would confirm whether or not you have basic network connectivity.

Just to confirm that squirrel actually is attempting to connect: immediately after getting that error, on the client run a netstat command. You *should* see a TCP connection with the database server's IP/name and port number on the "far end".

You could also run something like "tcpdump -i eth0 tcp port 5432" on your client (assuming *nix and needed privileges) to see whether it's trying a network connection.

--
 John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
 [hidden email]    FALaholic #11174     pgpk -a [hidden email]
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  Phobias should not be the basis for laws.
-----------------------------------------------------------------------
 2 days until Max Planck's 158th birthday


------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Squirrel-sql-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/squirrel-sql-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: SQuirrel connection problem to Postgres database

John Hardin
On Thu, 21 Apr 2016, Markus Metz wrote:

> Hi John and others:
>
> I used nmap:
>
> nmap -p T:5432 localhost
>
> ouput:
> Port             state      Service
> 5432/tcp       open      postgresql
>
> So, the port should be reachable.

Please clarify this detail: are you also running squirrel on the server
computer itself? I gather you're not from the discussion so far, please
tell us explicitly.

If you're not, run the nmap and telnet tests against the IP address
Squirrel is configured to use, **from the client computer**. If you're not
running Squirrel on the server, it's not relevant whether or not the
server can successfully talk to itself via localhost.

And if you *are* running Squirrel on the server itself, try configuring it
to connect to 127.0.0.1


> I executed the tcpdump command on the linux server and ran squirell. This
> is the ouput:
>
> 14:36:32.1111111 IP hostname.58260 > hostname.postgres: Flags [S], seq
> 1111111111, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK],
> length 0
> 14:36:35.222222 IP hostname.58260 > hostname.postgres: Flags [S], seq
> 1111111111, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK],
> length 0
> 14:36:41.222222 IP hostname.58260 > hostname.postgres: Flags [S], seq
> 1111111111, win 8192, options [mss 1460,nop,nop,sackOK], length 0

Apologies, add "-n" to the tcpdump command line and you'll get port
numbers and IP addresses rather than names. That may make it a little
easier to interpret.

It looks from that like the client is sending the initial packet of the
three-way TCP handshake and is not getting a response from the server
(there are no SYN/ACK packets in response). It retries twice more and
gives up.

However: this trace won't tell you if the server is sending ICMP port
unreachable responses, which is what I would expect if you're seeing
"connection denied" on the client end.

Run the nmap and telnet tests from the client end and see if they report
connectivity problems. And on the server run this tcpdump command to
capture a little more info:

  tcpdump -n -i eth0 ip host ip.address.of.client

Where "ip.address.of.client" is the client computer's IP address.

Then try to connect again.

I kinda expect to see the inbound TCP SYN (like above), and in response an
ICMP port unreachable packet (which would explain the "connection
refused").

> Not sure what it means. Can you please help?

Check the firewalling on the server, it may not be configured to allow
inbound traffic to the postgres port from that client / at all.


> Thank you,
> Markus
>
> On Thu, Apr 21, 2016 at 2:33 PM, John Hardin <[hidden email]> wrote:
>
>> On Thu, 21 Apr 2016, Markus Metz wrote:
>>
>> Java.util.concurrent.ExecutionException: java.lang.RuntimeException:
>>> org.postgresql.util.PSQLException: Connection to 10.2.44.27:5432 refused.
>>>
>>
>> Can you telnet to 10.2.44.27:5432 from the client? Granted you probably
>> won't be able to talk the postgres protocol, but that would confirm whether
>> or not you have basic network connectivity.
>>
>> Just to confirm that squirrel actually is attempting to connect:
>> immediately after getting that error, on the client run a netstat command.
>> You *should* see a TCP connection with the database server's IP/name and
>> port number on the "far end".
>>
>> You could also run something like "tcpdump -i eth0 tcp port 5432" on your
>> client (assuming *nix and needed privileges) to see whether it's trying a
>> network connection.

--
  John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
  [hidden email]    FALaholic #11174     pgpk -a [hidden email]
  key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
   ...in the 2nd amendment the right to arms clause means you have
   the right to choose how many arms you want, and the militia clause
   means that Congress can punish you if the answer is "none."
                                 -- David Hardy, 2nd Amendment scholar
-----------------------------------------------------------------------
  2 days until Max Planck's 158th birthday

------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Squirrel-sql-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/squirrel-sql-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: SQuirrel connection problem to Postgres database

Markus Metz
Hello John :

You are the best!!!

You hinted at the correct issue, Sir:

The solution is that I needed to add the line
-A INPUT -p tcp --dport 5432 -j ACCEPT
to the /etc/sysconfig/iptables file.

Next 'sudo /etc/init.d/iptables restart'.

Please note my firewall was not set up.

Now I can see all data in my remote database.

Again, thank you very much.

Markus












On Thu, Apr 21, 2016 at 4:27 PM, John Hardin <[hidden email]> wrote:
On Thu, 21 Apr 2016, Markus Metz wrote:

Hi John and others:

I used nmap:

nmap -p T:5432 localhost

ouput:
Port             state      Service
5432/tcp       open      postgresql

So, the port should be reachable.

Please clarify this detail: are you also running squirrel on the server computer itself? I gather you're not from the discussion so far, please tell us explicitly.

If you're not, run the nmap and telnet tests against the IP address Squirrel is configured to use, **from the client computer**. If you're not running Squirrel on the server, it's not relevant whether or not the server can successfully talk to itself via localhost.

And if you *are* running Squirrel on the server itself, try configuring it to connect to 127.0.0.1


I executed the tcpdump command on the linux server and ran squirell. This
is the ouput:

14:36:32.1111111 IP hostname.58260 > hostname.postgres: Flags [S], seq
1111111111, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK],
length 0
14:36:35.222222 IP hostname.58260 > hostname.postgres: Flags [S], seq
1111111111, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK],
length 0
14:36:41.222222 IP hostname.58260 > hostname.postgres: Flags [S], seq
1111111111, win 8192, options [mss 1460,nop,nop,sackOK], length 0

Apologies, add "-n" to the tcpdump command line and you'll get port numbers and IP addresses rather than names. That may make it a little easier to interpret.

It looks from that like the client is sending the initial packet of the three-way TCP handshake and is not getting a response from the server (there are no SYN/ACK packets in response). It retries twice more and gives up.

However: this trace won't tell you if the server is sending ICMP port unreachable responses, which is what I would expect if you're seeing "connection denied" on the client end.

Run the nmap and telnet tests from the client end and see if they report connectivity problems. And on the server run this tcpdump command to capture a little more info:

        tcpdump -n -i eth0 ip host ip.address.of.client

Where "ip.address.of.client" is the client computer's IP address.

Then try to connect again.

I kinda expect to see the inbound TCP SYN (like above), and in response an ICMP port unreachable packet (which would explain the "connection refused").

Not sure what it means. Can you please help?

Check the firewalling on the server, it may not be configured to allow inbound traffic to the postgres port from that client / at all.


Thank you,
Markus

On Thu, Apr 21, 2016 at 2:33 PM, John Hardin <[hidden email]> wrote:

On Thu, 21 Apr 2016, Markus Metz wrote:

Java.util.concurrent.ExecutionException: java.lang.RuntimeException:
org.postgresql.util.PSQLException: Connection to 10.2.44.27:5432 refused.


Can you telnet to 10.2.44.27:5432 from the client? Granted you probably
won't be able to talk the postgres protocol, but that would confirm whether
or not you have basic network connectivity.

Just to confirm that squirrel actually is attempting to connect:
immediately after getting that error, on the client run a netstat command.
You *should* see a TCP connection with the database server's IP/name and
port number on the "far end".

You could also run something like "tcpdump -i eth0 tcp port 5432" on your
client (assuming *nix and needed privileges) to see whether it's trying a
network connection.

--
 John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
 [hidden email]    FALaholic #11174     pgpk -a [hidden email]
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  ...in the 2nd amendment the right to arms clause means you have
  the right to choose how many arms you want, and the militia clause
  means that Congress can punish you if the answer is "none."
                                -- David Hardy, 2nd Amendment scholar

-----------------------------------------------------------------------
 2 days until Max Planck's 158th birthday


------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Squirrel-sql-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/squirrel-sql-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: SQuirrel connection problem to Postgres database

John Hardin
On Thu, 21 Apr 2016, Markus Metz wrote:

> Hello John :
>
> You are the best!!!
>
> You hinted at the correct issue, Sir:
>
> The solution is that I needed to add the line
> -A INPUT -p tcp --dport 5432 -j ACCEPT
> to the /etc/sysconfig/iptables file.

If your database server host can somehow be seen from the Internet, that
opens your postgres server to the entire world.

I'd strongly suggest something a little more limited, for example adding:

   -s 10.2.0.0/16

so that only traffic from your local network is permitted. (...assuming
that your client is also on the 10.2.x.x network...)


> Next 'sudo /etc/init.d/iptables restart'.
>
> Please note my firewall was not set up.
>
> Now I can see all data in my remote database.
>
> Again, thank you very much.

You're very welcome.

> Markus
>
>
> On Thu, Apr 21, 2016 at 4:27 PM, John Hardin <[hidden email]> wrote:
>
>> On Thu, 21 Apr 2016, Markus Metz wrote:
>>
>> Hi John and others:
>>>
>>> I used nmap:
>>>
>>> nmap -p T:5432 localhost
>>>
>>> ouput:
>>> Port             state      Service
>>> 5432/tcp       open      postgresql
>>>
>>> So, the port should be reachable.
>>>
>>
>> Please clarify this detail: are you also running squirrel on the server
>> computer itself? I gather you're not from the discussion so far, please
>> tell us explicitly.
>>
>> If you're not, run the nmap and telnet tests against the IP address
>> Squirrel is configured to use, **from the client computer**. If you're not
>> running Squirrel on the server, it's not relevant whether or not the server
>> can successfully talk to itself via localhost.
>>
>> And if you *are* running Squirrel on the server itself, try configuring it
>> to connect to 127.0.0.1
>>
>>
>> I executed the tcpdump command on the linux server and ran squirell. This
>>> is the ouput:
>>>
>>> 14:36:32.1111111 IP hostname.58260 > hostname.postgres: Flags [S], seq
>>> 1111111111, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK],
>>> length 0
>>> 14:36:35.222222 IP hostname.58260 > hostname.postgres: Flags [S], seq
>>> 1111111111, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK],
>>> length 0
>>> 14:36:41.222222 IP hostname.58260 > hostname.postgres: Flags [S], seq
>>> 1111111111, win 8192, options [mss 1460,nop,nop,sackOK], length 0
>>>
>>
>> Apologies, add "-n" to the tcpdump command line and you'll get port
>> numbers and IP addresses rather than names. That may make it a little
>> easier to interpret.
>>
>> It looks from that like the client is sending the initial packet of the
>> three-way TCP handshake and is not getting a response from the server
>> (there are no SYN/ACK packets in response). It retries twice more and gives
>> up.
>>
>> However: this trace won't tell you if the server is sending ICMP port
>> unreachable responses, which is what I would expect if you're seeing
>> "connection denied" on the client end.
>>
>> Run the nmap and telnet tests from the client end and see if they report
>> connectivity problems. And on the server run this tcpdump command to
>> capture a little more info:
>>
>>         tcpdump -n -i eth0 ip host ip.address.of.client
>>
>> Where "ip.address.of.client" is the client computer's IP address.
>>
>> Then try to connect again.
>>
>> I kinda expect to see the inbound TCP SYN (like above), and in response an
>> ICMP port unreachable packet (which would explain the "connection refused").
>>
>> Not sure what it means. Can you please help?
>>>
>>
>> Check the firewalling on the server, it may not be configured to allow
>> inbound traffic to the postgres port from that client / at all.
>>
>>
>> Thank you,
>>> Markus
>>>
>>> On Thu, Apr 21, 2016 at 2:33 PM, John Hardin <[hidden email]> wrote:
>>>
>>> On Thu, 21 Apr 2016, Markus Metz wrote:
>>>>
>>>> Java.util.concurrent.ExecutionException: java.lang.RuntimeException:
>>>>
>>>>> org.postgresql.util.PSQLException: Connection to 10.2.44.27:5432
>>>>> refused.
>>>>>
>>>>>
>>>> Can you telnet to 10.2.44.27:5432 from the client? Granted you probably
>>>> won't be able to talk the postgres protocol, but that would confirm
>>>> whether
>>>> or not you have basic network connectivity.
>>>>
>>>> Just to confirm that squirrel actually is attempting to connect:
>>>> immediately after getting that error, on the client run a netstat
>>>> command.
>>>> You *should* see a TCP connection with the database server's IP/name and
>>>> port number on the "far end".
>>>>
>>>> You could also run something like "tcpdump -i eth0 tcp port 5432" on your
>>>> client (assuming *nix and needed privileges) to see whether it's trying a
>>>> network connection.
>>>>

--
  John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
  [hidden email]    FALaholic #11174     pgpk -a [hidden email]
  key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
   The difference is that Unix has had thirty years of technical
   types demanding basic functionality of it. And the Macintosh has
   had fifteen years of interface fascist users shaping its progress.
   Windows has the hairpin turns of the Microsoft marketing machine
   and that's all.                                    -- Red Drag Diva
-----------------------------------------------------------------------
  2 days until Max Planck's 158th birthday

------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Squirrel-sql-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/squirrel-sql-users
Loading...