Oracle11gR2限制指定IP访问

小袁搬码2024-01-15 22:29

Oracle11gR2限制指定的IP访问

1. 环境说明

Oracle数据库版本: Oracle11gR2

安装位置:E:\app\product

1. 先停止监听

shell 复制代码 
lsnrctl stop

2. 配置监听文件

  1. 编辑文件:E:\app\product\11.2.0\dbhome_1\NETWORK\ADMIN\sqlnet.ora
shell 复制代码 
# This file is actually generated by netca. But if customers choose to 
# install "Software Only", this file wont exist and without the native 
# authentication, they will not be able to connect to the database on NT.

SQLNET.AUTHENTICATION_SERVICES = (NTS)

tcp.validnode_checking = yes
tcp.invited_nodes = (192.168.1.115,localhost,127.0.0.1,192.168.1.16)
  1. 配置说明
shell 复制代码 
tcp.validnode_checking = yes
#tcp.invited_nodes=() #允许访问的IP列表或主机名,用逗号分隔
如:tcp.invited_nodes=(10.10.10.115)
#这里需要注意的是必须把本机ip地址加进来(不能写成localhost和127.0.0.1),否则监听启动会报错
#tcp.excluded_nodes=() #限制访问的IP列表或主机名,用逗号分隔

#说明:
#同时使用tcp.invited_nodes和tcp.excluded_nodes,则会以tcp.invited_nodes为主
# 支持通配符,如tcp.invited_nodes = (192.168.1.*,192.168.1.23/22) 
# 只能限制TCP协议
# 需要重启监听生效:
lsnrctl stop
lsnrctl start
  1. 配置后,如果非允许的主机IP连接数据库时,会提示 ORA-12537: TNS:lost contact 或中文提示 ORA-12537: TNS:连接关闭

3. tnsnames.ora中配置IP

E:\app\product\11.2.0\dbhome_1\NETWORK\ADMIN\tnsnames.ora

shell 复制代码 
# tnsnames.ora Network Configuration File: D:\Program Files\instantclient_12_2\NETWORK\ADMIN\tnsnames.ora
# Generated by Oracle configuration tools.

LISTENER_ORCL =
  (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.1.115)(PORT = 1521))

ORCL =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1521))
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = orcl)
    )
  )

ORCL249 =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.1.249)(PORT = 1521))
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = orcl)
    )
  )

4 .重启监听

shell 复制代码 
lsnrctl stop
lsnrctl start

2. 常见问题

1. 开启Oracle的IP访问限制后错误提示

shell 复制代码 
tcp.validnode_checking = yes
tcp.invited_nodes = (192.168.1.115,localhost,127.0.0.1)

1. PL/SQLdevelper连接错误提示

tex 复制代码 
ORA-12541: TNS:监听程序当前无法识别连接描述符中请求的服务

2. Java代码连接数据库错误提示

ORA-12505, TNS:listener does not currently know of SID given in connect descriptor

java 复制代码 
Connected to the target VM, address: '127.0.0.1:51801', transport: 'socket'
java.sql.SQLException: Listener refused the connection with the following error:
ORA-12505, TNS:listener does not currently know of SID given in connect descriptor
 
	at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:458)
	at oracle.jdbc.driver.PhysicalConnection.<init>(PhysicalConnection.java:546)
	at oracle.jdbc.driver.T4CConnection.<init>(T4CConnection.java:236)
	at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:32)
	at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:521)
	at java.sql.DriverManager.getConnection(DriverManager.java:664)
	at java.sql.DriverManager.getConnection(DriverManager.java:247)
	at com.yuan.OracleDBConnect.oracle(OracleDBConnect.java:15)
	at com.yuan.OracleDBConnect.main(OracleDBConnect.java:8)
Caused by: oracle.net.ns.NetException: Listener refused the connection with the following error:
ORA-12505, TNS:listener does not currently know of SID given in connect descriptor
 
	at oracle.net.ns.NSProtocol.connect(NSProtocol.java:395)
	at oracle.jdbc.driver.T4CConnection.connect(T4CConnection.java:1102)
	at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:320)
	... 8 more
Disconnected from the target VM, address: '127.0.0.1:51801', transport: 'socket'

Process finished with exit code 0

2. 解决方法

在:E:\app\product\11.2.0\dbhome_1\NETWORK\ADMIN\listener.ora文件中加入下面信息

(SID_DESC =

(GLOBAL_DBNAME = orcl)

(ORACLE_HOME = E:\app\product\11.2.0\dbhome_1)

(SID_NAME = ORCL)

)

listener.ora完整内容如下

shell 复制代码 
# listener.ora Network Configuration File: E:\app\product\11.2.0\dbhome_1\NETWORK\ADMIN\listener.ora
# Generated by Oracle configuration tools.

SID_LIST_LISTENER =
  (SID_LIST =
    (SID_DESC =
    (GLOBAL_DBNAME = orcl)
     (ORACLE_HOME = E:\app\product\11.2.0\dbhome_1)
     (SID_NAME = ORCL)
     )
    (SID_DESC =
      (SID_NAME = CLRExtProc)
      (ORACLE_HOME = E:\app\product\11.2.0\dbhome_1)
      (PROGRAM = extproc)
      (ENVS = "EXTPROC_DLLS=ONLY:E:\app\product\11.2.0\dbhome_1\bin\oraclr12.dll")
    )
  )

LISTENER =
  (DESCRIPTION_LIST =
    (DESCRIPTION =
      (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.1.115)(PORT = 1521))
	  (ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1521))
      (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1521))
    )
  )
相关推荐
技术卷9 分钟前
详解力扣高频SQL50题之619. 只出现一次的最大数字【简单】
sql·leetcode·oracle
老华带你飞25 分钟前
口腔助手|口腔挂号预约小程序|基于微信小程序的口腔门诊预约系统的设计与实现(源码+数据库+文档)
java·数据库·微信小程序·小程序·论文·毕设·口腔小程序
hqxstudying35 分钟前
J2EE模式---服务层模式
java·数据库·后端·spring·oracle·java-ee
Yu_Lijing37 分钟前
MySQL进阶学习与初阶复习第四天
数据库·学习·mysql
大熊程序猿1 小时前
net8.0一键创建支持(Orm-Sqlite-MySql-SqlServer)
数据库·mysql·sqlite
-SGlow-10 小时前
MySQL相关概念和易错知识点(2)(表结构的操作、数据类型、约束)
linux·运维·服务器·数据库·mysql
明月56610 小时前
Oracle 误删数据恢复
数据库·oracle
♡喜欢做梦12 小时前
【MySQL】深入浅出事务:保证数据一致性的核心武器
数据库·mysql
遇见你的雩风12 小时前
MySQL的认识与基本操作
数据库·mysql
dblens 数据库管理和开发工具12 小时前
MySQL新增字段DDL:锁表全解析、避坑指南与实战案例
数据库·mysql·dblens·dblens mysql·数据库连接管理
热门推荐
01Qwen3-Coder 快速上手教程 | Qwen Code + Claude Code02vue数据变化但页面不变03全球最强模型Grok4,国内已可免费使用!(附教程)04KGG转MP3工具|非KGM文件|解密音频05扣子开源本地部署教程 丨Coze智能体小白喂饭级指南06sqli-labs 靶场 less-8、9、10 第八关到第十关详解:布尔注入,时间注入07干翻 Typora!MilkUp:完全免费的桌面端 Markdown 编辑器!08【2025.7.18】更新vscode后所有.vue文件template标签后报红的临时解决办法,Vue - Official 插件3.0.2导致09Claude Code用不了?来试下Qwen3-Coder加持的Qwen Code吧10ChatGPT Agent 完全使用指南:2025年7月最新功能详解