want to access the MYSQL database remotely but when checking on yougetsignal(dot) com I get a message that port 3306 is closed.
Configuration: Fresh Server (Centos 6.4 64 bit with Zpanel installed)
Steps Already Taken:
Removed bind address from my.cnf
Tried adding bind address as server IP
Have edited the IPTABLES to keep the port open.
Forwarded the port from router
added port=3306 in /etc/my.cnf
Stopped IPTABLES
several restarts of mysqld after every change
restarts of IPTABLES after change
Nothing has worked so far.
IP Tables:
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
Diagnostic Results:
netstat result:
# netstat -na | grep 3306
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
netstat Results (netstat -lnp | grep mysql)
# netstat -lnp | grep mysql
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 6684/mysqld
unix 2 [ ACC ] STREAM LISTENING 33101 6684/mysqld /var/lib/mysql/mysql.sock
iptables -L Results:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:mysql
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
can run nc on server from localhost / SSH connection but not from remote systems
No comments:
Post a Comment