Originally Posted by
rs2k
I don't like the idea of having a mysql server open to remote connections, but I don't know of any other way to do it and it will only be open for a few days.
That's easily solved with an iptables rule on the MySQL server. From the command prompt you could enter:
Code:
/sbin/iptables -I INPUT -p tcp ! -s 127.0.0.0/8 --dport 3306 -j REJECT
/sbin/iptables -I INPUT -p tcp -s ip.of.remote.server --dport 3306 -j ACCEPT
The rules appear in reverse order here because I'm using the -I switch to insert these records above any others you may already by using. When those commands are done, the rules will be in the reverse order at the top of the ruleset. (If you are adding these to an existing ruleset, reverse their order and use the -A switch. Put them ahead of any default deny rule you may have at the bottom of the INPUT chain.)
The "! -s 127.0.0.0/8" is only needed if there is not a default ACCEPT rule for localhost above where these rules would be entered.
Bookmarks