Re: mysql remote connections

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On some distro mysql doest not listen on tcp 
check this with :
	netstat -ltp
you may have to enable it in mysql.conf

BR,

Le lun 01/03/2004 à 21:04, Robert Gil a écrit :
> mysql port is 3306.... its currently running on the same box as the firewall
> just for testing purposes... but i cant figure out why i cant connect
> remotely.. im sure its just a careless mistake somewhere or a mixup.. if
> somone can just take a quick peek i would appreciate it alot.
> 
> # Start With Everything Closed
> iptables -P INPUT DROP
> iptables -P FORWARD DROP
> iptables -P OUTPUT ACCEPT
> 
> # Connection Tracking
> #TCP
> iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
> 
> #ICMP
> iptables -A OUTPUT -p icmp -m state --state NEW,ESTABLISHED,RELATED -j
> ACCEPT
> iptables -A INPUT -p icmp -m state --state ESTABLISHED,RELATED  -j ACCEPT
> 
> # Open Ports
> 
> iptables -A INPUT -j ACCEPT -p tcp --dport 80
> iptables -A INPUT -j ACCEPT -p tcp --dport 21
> iptables -A INPUT -j ACCEPT -p tcp --dport 110
> iptables -A INPUT -j ACCEPT -p tcp --dport 25
> iptables -A INPUT -j ACCEPT -p tcp --dport 22
> iptables -A INPUT -j ACCEPT -p tcp --dport 3389
> iptables -A INPUT -j ACCEPT -p tcp --dport 3306
> iptables -A INPUT -j ACCEPT -p tcp --dport 2121
> iptables -A INPUT -j ACCEPT -p tcp --dport 53
> 
> # Masquerading and NAT
> iptables -t nat -A POSTROUTING -s 192.168.1.2 -j MASQUERADE
> iptables -A FORWARD -j ACCEPT -i eth1 -s 192.168.1.2
> iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
> 
> # Terminal Services Forwarding
> iptables -A FORWARD -j ACCEPT -p tcp --dport 3389
> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 3389 -j DNAT --to
> 192.168.1.2:3389
> 
> # MS BOX FTP Fowarding
> iptables -A FORWARD -j ACCEPT -p tcp --dport 2121
> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 2121 -j DNAT --to
> 192.168.1.2:2121
> 
> # Flood Protection
> # SYN
> iptables -A FORWARD -p tcp --syn -m limit --limit 1/s -j ACCEPT
> 
> # Port Scan
> iptables -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit
> 1/s -j ACCEPT
> 
> # Ping Of Death
> iptables -A FORWARD -p icmp --icmp-type echo-request -m limit --limit 1/s -j
> ACCEPT
> 
> # Enable Forwarding
> echo 1 > /proc/sys/net/ipv4/ip_forward
> 
>
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux