Question

Recently I've managed to block all unused ports on my dedicated server (Linux CentOS, latest 64-bit), but whenever I do so, sites that connect to my database simply cannot connect.

iptables -A INPUT -i lo -p tcp --dport 3306 -j ACCEPT 
iptables -A OUTPUT -o lo -p tcp --sport 3306 -j ACCEPT

I believe it has something to do with the OUTPUT port, but I am not sure.

Thanks.


Solution

If you want to allow remote incoming MySQL connections, you will need to define an INPUT rule that is not isolated to your local interface:

-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT

In CentOS this will be defined in the /etc/sysconfig/iptables file. Then restart:

sudo service iptables restart

Alternatively, from the command line, you can use:

sudo system-config-firewall-tui

to configure your firewall. It is in the package of the same name:

sudo yum install system-config-firewall-tui -y
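Added example (not part of the question or the answer): a small POSIX shell check that classifies how an iptables rule file exposes TCP port 3306, so you can tell the loopback-only rules from the question apart from the unrestricted rule in the answer and from a variant limited with -s to one client address. It assumes the iptables-save style syntax shown above (no negated "! -s" matches); the 203.0.113.10 address and the file names are constructed.

```shell
#!/bin/sh
# Added example, not code from the original thread. Classify how an
# iptables rule file (iptables-save / /etc/sysconfig/iptables syntax)
# exposes MySQL's port 3306: none | loopback-only | any-source | restricted:<src...>

mysql_rule_scope() {
    rules_file="$1"
    # Keep only INPUT ACCEPT rules for TCP destination port 3306, then
    # inspect the -i (interface) and -s (source) matches of each one.
    grep -E '^(iptables )?-A INPUT .*-p tcp .*--dport 3306 .*-j ACCEPT' "$rules_file" |
    awk '
        {
            src = "0.0.0.0/0"; iface = ""
            for (i = 1; i <= NF; i++) {
                if ($i == "-i") iface = $(i+1)
                if ($i == "-s") src = $(i+1)
            }
            if (iface == "lo") { seen_lo = 1; next }
            if (src == "0.0.0.0/0") { any = 1 } else { restricted = restricted " " src }
        }
        END {
            if (any) print "any-source"
            else if (restricted != "") { sub(/^ /, "", restricted); print "restricted:" restricted }
            else if (seen_lo) print "loopback-only"
            else print "none"
        }'
}

# Constructed sample rule sets (not real configurations) for demonstration.
write_samples() {
    dir="$1"
    # The questioner's rules: only loopback can reach 3306.
    printf '%s\n' '-A INPUT -i lo -p tcp --dport 3306 -j ACCEPT' \
        '-A OUTPUT -o lo -p tcp --sport 3306 -j ACCEPT' > "$dir/loopback.rules"
    # The answer's rule as written: any source may connect.
    printf '%s\n' '-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT' > "$dir/open.rules"
    # Tightened variant: only one (constructed) web server address may connect.
    printf '%s\n' '-A INPUT -s 203.0.113.10/32 -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT' > "$dir/restricted.rules"
}

tmp=$(mktemp -d)
write_samples "$tmp"
for f in loopback open restricted; do
    printf '%s: %s\n' "$f" "$(mysql_rule_scope "$tmp/$f.rules")"
done
rm -rf "$tmp"
```

Run it against a copy of /etc/sysconfig/iptables (or the output of iptables-save) to confirm that after applying the answer's rule you have not opened 3306 to every source when a single -s client address would do.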

Licensed under: CC-BY-SA with attribution