The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

mysql + iptables = yay from remote server!

Discussion in 'General Discussion' started by jpeacock, Jan 10, 2007.

  1. jpeacock

    jpeacock Member

    Joined:
    May 17, 2006
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    so, i'm trying to allow a remote connection from another server, but don't want to completely open up port 3306 to the outside world. I'd rather reject at the firewall than reject using mysql's invalid login response.

    here's what i have so far but it doesn't come back as valid :
    Code:
    -A INPUT -p tcp -s some.ip.address --dport 3306 -m state --state NEW -j ACCEPT
    i can't seem to figure out how to allow INPUT and OUTPUT access from a specific IP for a specific port. could anyone shed some light on what I need to do?
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    You need to make sure the rule is higher up in the chain from the block on port 3306 so use -I instead of -A, other than that the format you have should be OK. This works:
    Code:
    iptables -I INPUT -p tcp -s 11.22.33.44 --dport 3306 -m state --state NEW -j ACCEPT
     
Loading...

Share This Page