Please be aware that the SAP SQL Anywhere Forum will be shut down on August 29th, 2024 when all it's content will be migrated to the SAP Community.

How to limit the remote access to the database server?

5

I have seen the thread about how you can get in full control of your db server (Sample code: How to get full control over a SQL Anywhere server). My question is a little different, as I don't want to refuse any new connection to the database but only remote ones. So local connections should be still allowed, so that all your administrative tools still work on the server.

asked 24 Feb '10, 09:13

Martin's gravatar image

Martin
9.1k131170257
accept rate: 14%

3 Answers:
active answersoldest answersnewest answerspopular answers
11

Breck has given you the easy answer - use dbengX instead of dbsrvX - but you if want to continue to use the network server (and get full use of all CPUs), then you can start the server with: 

dbsrvX -x tcpip{localonly=yes} ...other-switches-and-options...

If you just want to temporarily disallow network connections, then you can start your server normally and create a login procedure that checks the CommLink connection parameter.

Example:

SET OPTION public.disallow_non_local_connections = 'NO';

CREATE PROCEDURE DBA.login_check( )
BEGIN
      DECLARE INVALID_LOGON EXCEPTION FOR SQLSTATE '28000';
      // check if non-local connections are allowed
      IF CONNECTION_PROPERTY( 'CommLink' ) != 'local'
         AND ( select setting 
                 from sysoption 
                where "option" = 'disallow_non_local_connections' ) = 'YES'
      THEN
          SIGNAL INVALID_LOGON;
      ELSE
          CALL sp_login_environment;
      END IF;
END;

GRANT EXECUTE ON DBA.login_check TO PUBLIC;

SET OPTION public.login_procedure='DBA.login_check';

Then to disallow non-local connections temporarily, execute:

SET OPTION public.disallow_non_local_connections = 'YES';

And to re-enable non-local connecitons, execute:

SET OPTION public.disallow_non_local_connections = 'NO';
permanent link

answered 24 Feb '10, 13:38

Mark%20Culp's gravatar image

Mark Culp
25.0k10142298
accept rate: 41%

Ah, the usage of user-defined options - something to remember now and then:)

(24 Feb '10, 15:06) Volker Barth

Nice! Me likey!

(24 Feb '10, 22:06) Calvin Allen

Thanks Mark, the solution for the temporary case was what I am looking for.

(26 Feb '10, 11:15) Martin
2

The easy way is to stop dbsrv*.exe, start dbeng*.exe which doesn't allow network connections.

Alas, the personal server is also limited to using one CPU. For all the differences see http://dcx.sybase.com/1101en/dbadmin_en11/introductionrunning.html

Or... did you mean WAN-versus-LAN?

I gave you a "network-versus-same-machine-connection" answer.

permanent link

answered 24 Feb '10, 09:50

Breck%20Carter's gravatar image

Breck Carter
32.5k5417271050
accept rate: 20%

2

AFAIK, there's a third possibility besides dbengX and dbsrvX -x TCPIP{localonly=yes}:

You can restrict TCP/IP connections altogether by dbsrvX -x none.

That enables only shared memory connections and won't even enable local TDS connections (as those require TCP/IP, e.g. jConnect). Take care as this may not support all variants of connections between local clients and services/terminal services, cf. the docs.

permanent link

answered 05 Jul '11, 08:58

Volker%20Barth's gravatar image

Volker Barth
40.5k365556827
accept rate: 34%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

learn more about Markdown

Question tags:

×9

question asked: 24 Feb '10, 09:13

question was seen: 3,575 times

last updated: 05 Jul '11, 08:58

Related questions

Windows Privleges Required to Install / Administrate SQL Anywhere on WIndows Server

how to resolve "Validation of table "maint_plan_report" has failed SQLSTATE: 40000 SQLCODE: -300"

Backup creating invalid database file

How to identify if ALTER DATABASE UPGRADE is necessary

Where do you get Database Admin training for SQLA?

Can I delay other transactions while I'm doing COMMITs?

DBA Best Practices for SQL Anywhere?

database repair (remove empty pages)