Document the purpose of the GUC listen_addresses.

author Bruce Momjian <bruce@momjian.us>

Sat, 3 Oct 2009 23:10:47 +0000 (23:10 +0000)

committer Bruce Momjian <bruce@momjian.us>

Sat, 3 Oct 2009 23:10:47 +0000 (23:10 +0000)
author Bruce Momjian <bruce@momjian.us>
Sat, 3 Oct 2009 23:10:47 +0000 (23:10 +0000)
committer Bruce Momjian <bruce@momjian.us>
Sat, 3 Oct 2009 23:10:47 +0000 (23:10 +0000)
diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml

index b834ae411cb77f53ff6484aa23ef751bb387421b..a12a42b26903e96a7b23ebabe502854a48d0a02e 100644 (file)
--- a/doc/src/sgml/config.sgml
+++ b/doc/src/sgml/config.sgml
@@ -329,8 +329,14 @@ SET ENABLE_SEQSCAN TO OFF;
           at all, in which case only Unix-domain sockets can be used to connect
           to it.
           The default value is <systemitem class="systemname">localhost</>,
-         which allows only local <quote>loopback</> connections to be made.
-         This parameter can only be set at server start.
+         which allows only local <quote>loopback</> connections to be
+         made.  While client authentication (<xref
+         linkend="client-authentication">) allows fine-grained control
+         over who can access the server, <varname>listen_addresses</varname>
+         controls which interfaces accept connection attempts, which
+         can help prevent repeated malicious connection requests on
+         insecure network interfaces.  This parameter can only be set
+         at server start.
         </para>
        </listitem>
       </varlistentry>
author	Bruce Momjian <bruce@momjian.us>
	Sat, 3 Oct 2009 23:10:47 +0000 (23:10 +0000)
committer	Bruce Momjian <bruce@momjian.us>
	Sat, 3 Oct 2009 23:10:47 +0000 (23:10 +0000)