The usage of the valid node checking security feature is very similar to the TCP wrappers presented in Chapter 1, Operating System Security. Using this capability, you can deny or the allow connecting clients based on IP address or hostname.
Open
$ORACLE_HOME/network/admin/sqlnet.ora
and enable valid node checking by settingTCP.VALIDNODE_CKECINK
as follows:TCP.VALIDNODE_CHECKING=ON
Next, you can establish the hosts that will be allowed to connect by setting the
TCP.INVITED_NODES
parameter as follows:TCP.INVITED_NODES= {nodeorcl5}
After you add the invited nodes you must reload the listener configuration.
lsnrctl reload
If we want to establish a connection from a node that is not included in the invited node list, the
ORA-12537: TNS:connection closed
error will be thrown as follows:oraclient@nodeorcl2:~> sqlplus hr/hr@HCKDB SQL...