本文介绍如何通过修改SQLNet配置文件来阻止特定IP地址连接到Oracle数据库,而不使用防火墙。通过设置tcp.validnode_checking参数开启IP验证,并通过tcp.invited_nodes和tcp.excluded_nodes参数指定允许或拒绝的IP地址。
If you want to block some connections from specifically ip address and not use fire wall, you can add some parameters in the sqlnet.ora that can achieve what you want.
for example:
/u02/oracle/product/9.2.0/network/admin/sqlnet.ora
# Generated by Oracle configuration tools.
NAMES.DEFAULT_DOMAIN = localdomain
NAMES.DIRECTORY_PATH= (TNSNAMES, ONAMES, HOSTNAME)
#This turns on the hostname/IP checking for your listeners
tcp.validnode_checking=yes
#invited nodes of the ip address
tcp.invited_nodes=(192.168.11.89,192.168.11.3)
#exclude a list of clients
tcp.excluded_nodes=(192.168.11.100)
remember,you need restart listener.
Just a small tip -:)
for example:
/u02/oracle/product/9.2.0/network/admin/sqlnet.ora
# Generated by Oracle configuration tools.
NAMES.DEFAULT_DOMAIN = localdomain
NAMES.DIRECTORY_PATH= (TNSNAMES, ONAMES, HOSTNAME)
#This turns on the hostname/IP checking for your listeners
tcp.validnode_checking=yes
#invited nodes of the ip address
tcp.invited_nodes=(192.168.11.89,192.168.11.3)
#exclude a list of clients
tcp.excluded_nodes=(192.168.11.100)
remember,you need restart listener.
Just a small tip -:)
扫一扫
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
