Linux MySQL port cannot remotely access problems with firewall settings

MySQL port cannot be accessed remotely under Linux firewall settings   the following only resolves iptables open port issues and does not address remote access permissions for MySQL database account. Linux iptables open MySQL port allows remote access to modify the firewall configuration file: VI  /etc/sysconfig/iptables Add the following line:-A rh-firewall-1-input-m state–state New-m  tcp-p Tcp–dport 3306-j Accept or use command iptables-a rh-firewall-1-input-m state–state new-m  tcp-p TCP –dport 3306-j Accept Save configuration, otherwise restart does not take effect service Iptables save restart Iptableservice  iptables Restart then you can access MySQL from other machines. The 3306-Port line must not be able to find the problem before icmp-host-prohibited, configured with 3306 port can never access MySQL externally, shut down iptables. Finally found the problem. Iptables-l-N--line-number has a reject in rh-firewall-1-input that points to ICMP. The port to be opened must precede this rule: If you use input to load rh-firewall-1-input, you can put reject into rh-firewall-1-input, let INPUT first load the rules in Rh-firewal-1-input, and then load reject. or write the open rules for Port 3306 before rh-firewall-1-input in input. (Personally feel that the first kind of more convenient, after a rule can be added directly in the RH, no longer order problems.) The command to add REJECT is: iptables-a input-j REJECT--reject-with  icmp-host-prohibited attached to my configuration.  [[email protected] ~]# iptables-l-nchain INPUT (policy ACCEPT) target     Prot opt SOURCE               Destinationrh-firewall-1-input  all  -- 0.0.0.0/0            0.0.0.0/0reject     All  -- 0.0.0.0/0            0.0.0.0/0           Reject-with Icmp-host-prohibited chain FORWARD (Pol Icy ACCEPT) target     prot opt source               destinationrh-firewall-1- INPUT  all  -- 0.0.0.0/0            0.0.0.0/0 chain OUTPUT (Policy acce PT) target     prot opt source               Destinationrh-firewall-1-output & Nbsp;all  -- 0.0.0.0/0            0.0.0.0/0 chain Rh-firewall-1-input (2 re ferences) target     prot opt source               destinationaccept   &N Bsp All  -- 0.0.0.0/0            0.0.0.0/0accept     ICMP-- 0.0.0.0/0     &NBSP ;      0.0.0.0/0           ICMP type 255ACCEPT     ESP  -- 0.0. 0.0/0            0.0.0.0/0accept     AH  -- 0.0.0.0/0     &N Bsp      0.0.0.0/0accept     UDP  -- 0.0.0.0/0            22 4.0.0.251         UDP dpt:5353accept     UDP  -- 0.0.0.0/0       & nbsp    0.0.0.0/0           UDP dpt:631accept     TCP  -- 0.0.0.0/0 &NB Sp          0.0.0.0/0           TCP dpt:631accept     all  - - 0.0.0.0/0            0.0.0.0/0           State Related,esta BlishedACCEPT     TCP  -- 0.0.0.0/0            0.0.0.0/0           State NEW TCP dpt:21accept     TCP  -- 0.0.0.0/0           &NB sp;0.0.0.0/0           State NEW TCP dpt:22accept     TCP  -- 0.0.0.0/0 &nbs P          0.0.0.0/0           State NEW TCP dpt:80accept     TC P  -- 0.0.0.0/0            0.0.0.0/0           State NEW TCP dpt:3306

Problematic firewall settings for MySQL ports that cannot be accessed remotely under Linux