限制IP 访问 Oracle 的步骤

限制IP 访问 Oracle 的方法

一.?sqlnet.ora文件在$ORACLE_HOME/network/admin???????????????????????????????

???????

1.1?（1）TCP.VALIDNODE_CHECKING

Purpose

????????????Note:

?????????????

（2）TCP.EXCLUDED_NODES

Purpose

??????Syntax

??????Example

??????（3）TCP.INVITED_NODES

Purpose

??????Syntax

??????Example

???????

From：

http://download.oracle.com/docs/cd/E11882_01/network.112/e10835/sqlnet.htm#NETRF238

1.2?[wangou@qs-test-web log]$ ifconfig eth0

eth0?????????????????????????????????????????????????????????????????????????????

1.2.1[wangou@qs-test-web log]$ sqlplus /nolog

SQL*Plus: Release 11.2.0.1.0 Production on D??ú?t 1?? 25 11:01:13 2011

SQL> select name from v$database;

NAME

---------

NEWCCS

1.2.2?tcp.validnode_checking=yes

#允许访问的IP

tcp.invited_nodes=(#注意这里的DB#禁止访问的IP

tcp.excluded_nodes=(192.168.2.*)

[wangou@qs-test-web log]$ sqlplus /nolog

SQL*Plus: Release 11.2.0.1.0 Production on D??ú?t 1?? 25 11:08:20 2011

ERROR:

ORA-12537: TNS: connection closed

当IP[wangou@qs-test-web log]$ oerr tns 12537

12537, 00000, "TNS:connection closed"

// *Cause: "End of file" condition has been reached; partner has disconnected.

// *Action: None needed; this is an information message.

1.2.3tcp.validnode_checking=yes

#允许访问的IP

tcp.invited_nodes=( daviddai,192.168.2.*)

#注意这里的DB#禁止访问的IP

tcp.excluded_nodes=(192.168.3.*)

[wangou@qs-test-web admin]$ sqlplus system/admin@dave;

Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - Production

With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL> select name from v$database;

NAME

---------

NEWCCS

二.?

2.1create or replace trigger logon_audit

after logon on database

begin

if ora_client_ip_address='192.168.2.245' or ora_client_ip_address='192.168.3.115' then

raise_application_error(-20001,'该用户不允许登录',false);

----抛出自定义的错误

end if;

end;

注意：?

2.2?SQL> conn dave/dave@dave;

ERROR:

ORA-00604: error occurred at recursive SQL level 1

ORA-20001:ORA-06512:?在?line 4

限制IP 访问 Oracle 的步骤

热点推荐