Linux MySQL port cannot remotely access problems with firewall settings

Source: Internet
Author: User
Tags iptables

MySQL port cannot be accessed remotely under Linux firewall settings   the following only resolves iptables open port issues and does not address remote access permissions for MySQL database account. Linux iptables open MySQL port allows remote access to modify the firewall configuration file: VI  /etc/sysconfig/iptables Add the following line:-A rh-firewall-1-input-m state–state New-m  tcp-p Tcp–dport 3306-j Accept or use command iptables-a rh-firewall-1-input-m state–state new-m  tcp-p TCP –dport 3306-j Accept Save configuration, otherwise restart does not take effect service Iptables save restart Iptableservice  iptables Restart then you can access MySQL from other machines. The 3306-Port line must not be able to find the problem before icmp-host-prohibited, configured with 3306 port can never access MySQL externally, shut down iptables. Finally found the problem. Iptables-l-N--line-number has a reject in rh-firewall-1-input that points to ICMP. The port to be opened must precede this rule: If you use input to load rh-firewall-1-input, you can put reject into rh-firewall-1-input, let INPUT first load the rules in Rh-firewal-1-input, and then load reject. or write the open rules for Port 3306 before rh-firewall-1-input in input. (Personally feel that the first kind of more convenient, after a rule can be added directly in the RH, no longer order problems.) The command to add REJECT is: iptables-a input-j REJECT--reject-with  icmp-host-prohibited attached to my configuration.  [[email protected] ~]# iptables-l-nchain INPUT (policy ACCEPT) target     Prot opt SOURCE               Destinationrh-firewall-1-input  all  -- 0.0.0.0/0            0.0.0.0/0reject     All  -- 0.0.0.0/0            0.0.0.0/0           Reject-with Icmp-host-prohibited chain FORWARD (Pol Icy ACCEPT) target     prot opt source               destinationrh-firewall-1- INPUT  all  -- 0.0.0.0/0            0.0.0.0/0 chain OUTPUT (Policy acce PT) target     prot opt source               Destinationrh-firewall-1-output & Nbsp;all  -- 0.0.0.0/0            0.0.0.0/0 chain Rh-firewall-1-input (2 re ferences) target     prot opt source               destinationaccept   &N Bsp All  -- 0.0.0.0/0            0.0.0.0/0accept     ICMP-- 0.0.0.0/0     &NBSP ;      0.0.0.0/0           ICMP type 255ACCEPT     ESP  -- 0.0. 0.0/0            0.0.0.0/0accept     AH  -- 0.0.0.0/0     &N Bsp      0.0.0.0/0accept     UDP  -- 0.0.0.0/0            22 4.0.0.251         UDP dpt:5353accept     UDP  -- 0.0.0.0/0       & nbsp    0.0.0.0/0           UDP dpt:631accept     TCP  -- 0.0.0.0/0 &NB Sp          0.0.0.0/0           TCP dpt:631accept     all  - - 0.0.0.0/0            0.0.0.0/0           State Related,esta BlishedACCEPT     TCP  -- 0.0.0.0/0            0.0.0.0/0           State NEW TCP dpt:21accept     TCP  -- 0.0.0.0/0           &NB sp;0.0.0.0/0           State NEW TCP dpt:22accept     TCP  -- 0.0.0.0/0 &nbs P          0.0.0.0/0           State NEW TCP dpt:80accept     TC P  -- 0.0.0.0/0            0.0.0.0/0           State NEW TCP dpt:3306

Problematic firewall settings for MySQL ports that cannot be accessed remotely under Linux

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.