How to modify sqlnet.ora file to restrict database access?
I am currently trying to restrict access to my database through listing the IP addresses with permission. I read that I should modify my sqlnet.ora file. The problem is I do not have this file. When I create it and specify the parameters, the listener gets whacked out and stops working after I try to stop and start it. I also read something about protocol.ora. Which file should I use? Is the sqlnet.ora file created on Oracle install?
The correct file to modify is the sqlnet.ora configuration file. This file is commonly found in the ORACLE_HOME/network/admin directory. If this file is not found there, look to see if you have a TNS_ADMIN environment variable pointing to a different directory. The sqlnet.ora configuration file is not created on install. It is created when the Network Configuration Assistant (netca) is run. The sqlnet.ora config file is not required as many of Oracle's networking products can run with the default options.
To configure Oracle for a specific set of IP addresses, you can add the TCP.EXCLUDED_NODES and/or TCP.INCLUDED_NODES parameters to your sqlnet.ora config file. For example, to exclude all IP address 220.127.116.11, add the following entry:
To include specific IP addresses, use the TCP.INCLUDED_NODES parameter. The list of included nodes takes precendence over the list of excluded nodes. For more information, please refer to the Oracle documentation.
After you have configured your excluded/included nodes, you also need to add the following:
If this stops the listener from working, then the most likely cause is that the above values were not entered correctly.
This was first published in November 2006