Firewalld. Problems with IP limit (mysql)?
Greetings!
It is required to make a whitelist of IPs that can connect to mysql (interact with port 3306 (mysql service)).
You can of course set up privileges on mysql itself, but I want to close connections before interacting with mysql, i.e. write rules in firewalld.
How I do it:
-
Add service:
firewall-cmd --zone=public --add-service=mysql --permanent
Then add rules:
firewall-cmd --add-rich-rule 'rule family="ipv4" source address="REMOTE_IP" service name="mysql" accept' --permanent
And reload:
firewall-cmd --reload
-
But connecting from a third-party IP is allowed via telnet:
telnet IP 3306
The connection is not reset immediately; instead, this is displayed:
Version(Set of obscure characters) mysql_native_password
I.e. firewalld did not take the required action, but skipped it.
I will be grateful for your help!
I add a service:
firewall-cmd --zone=public --add-service=mysql --permanent
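Added example, not part of the original thread: in firewalld, `--add-service=mysql` on a zone accepts port 3306 from every source that zone handles, and a rich rule with `accept` only adds one more allowance, which is consistent with the telnet result in the question. The check below reads `firewall-cmd --zone=public --list-all` output and reports whether the service is open to all or limited to rich-rule sources; the sample outputs are constructed, 203.0.113.10 stands in for REMOTE_IP, and `audit_zone` is a hypothetical helper name.

```shell
#!/bin/sh
# Live use: firewall-cmd --zone=public --list-all | audit_zone mysql 3306
# If it prints OPEN_TO_ALL, drop the zone-wide service and keep only the rich rule:
#   firewall-cmd --zone=public --remove-service=mysql --permanent
#   firewall-cmd --reload

audit_zone() {
    # $1 = firewalld service name, $2 = TCP port of that service
    awk -v svc="$1" -v port="$2" '
        # Zone-wide allowances: listed service or raw port accepts any source.
        $1 == "services:" { for (i = 2; i <= NF; i++) if ($i == svc) wide = 1 }
        $1 == "ports:"    { for (i = 2; i <= NF; i++) if ($i == (port "/tcp")) wide = 1 }
        # Source-restricted allowances: collect addresses from accept rich rules.
        /^[ \t]*rule / && /accept/ && index($0, "service name=\"" svc "\"") {
            if (match($0, /source address="[^"]*"/))
                allow = allow " " substr($0, RSTART + 16, RLENGTH - 17)
        }
        END {
            if (wide)             print "OPEN_TO_ALL"
            else if (allow != "") print "RESTRICTED:" allow
            else                  print "CLOSED"
        }'
}

# Constructed sample: zone state after the commands shown in the question.
sample_before() {
cat <<'EOF'
public (active)
  target: default
  interfaces: eth0
  services: dhcpv6-client mysql ssh
  ports:
  rich rules:
    rule family="ipv4" source address="203.0.113.10" service name="mysql" accept
EOF
}

# Constructed sample: same zone after --remove-service=mysql and --reload.
sample_after() {
cat <<'EOF'
public (active)
  target: default
  interfaces: eth0
  services: dhcpv6-client ssh
  ports:
  rich rules:
    rule family="ipv4" source address="203.0.113.10" service name="mysql" accept
EOF
}
```

After the fix, repeating the telnet test from an address outside the whitelist should no longer show the MySQL banner.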