Linux/centos oracle10g control connection IP address, centosoracle10g
Oracle controls the IP address of the connected database
Simply set allowed IP addresses and prohibited IP addresses
In 9i and later, modifying sqlnet. ora is actually the best and fastest way.
1: Modify the sqlnet. ora File
In oracle of linux, the file sqlnet. ora is not used by default.
$ Cd $ ORACLE_HOME/network/admin
$ Vi sqlnet. ora
# Add the following parts
Tcp. validnode_checking = yes
# IP addresses allowed for access
Tcp. invited_nodes = (192.168.100.252, 192.168.100.253)
# IP addresses that are not allowed to access
Tcp. excluded_nodes = (192.168.100.222, 192.168.100.133)
2: restart the listener
$ Lsnrctl stop
$ Lsnrctl start
At this time, only clients with the IP address 192.168.100.252 and the IP address 192.168.100.253 can connect to the database. clients with the IP address 192.168.100.222 and the IP address 192.168.100.htm cannot connect to the database. When clients of other IP addresses use PL/SQL to connect to the database, the following error is displayed:
Notes:
1. You must set the parameter YES to activate the service.
2. It is recommended that you set the IP addresses that are allowed to be accessed, because the IP addresses may be modified at will and cannot be used for your own purposes.
3. the listener must be restarted to take effect.
4. This method is only applicable to the TCP protocol.
5. This configuration applies to 9i and later versions. Use the file protocol. ora in versions earlier than 9i.
6. directly connecting to the database on the server is not affected.
7. This restriction only applies to IP detection and is not supported for user name detection.
In linux (centos58), how does one change the Server IP address and DNS? Detailed code and Explanation
Temporary effective command
# Ifconfig eth0 192.168.0.22 netmask 255.255.255.0 (up)
Add the ip address and subnet mask of the first Nic
# Route add default gw 192.168.0.1 dev eth0
Add the first Nic of the gateway dev eth0 Device
Redhat Centos
Vi/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE = eth0 DEVICE name
BOOTPROTO = dhcp/static automatic retrieval/static IP
IPADDR = IP Address
NETMASK = mask
GATEWAY = GATEWAY
ONBOOT = yes boot enable Nic
# Service network restart the network
(NIC is not ifcfg-eth0 but em1, 2, 3
# Mv ifcfg-em1 ifcfg-eth0
# Vi ifcfg-eth0
DEVICE = em1
BOOTPROTO = dhcp/static automatic retrieval/static IP
IPADDR = IP Address
.....
.....
.....)
Without DNS configuration, the domain name cannot be resolved and only the ip address can be accessed.
Vi/etc/resolv. conf
Nameserver 8.8.8.8
You can add up to three nameserver 202. xx
Dual-ip configuration for a single Nic
Cp ifcfg-eth0 ifcfg-eth0: 1
Ifconfig eth0: 1 ip
This is my note
In centos linux, how does one prohibit ip addresses from accessing my http server using my DNS?
Iptables-I INPUT-s 192.168.0.0/24-p tcp -- dport 80-j DROP
This is just a network segment
Just follow this.
Block port 80!