求助,MYSQL连接本机IP,IPTABLE如何设置?
如题,我在使用Discuz论坛的时候,MYSQL数据库连接地址必须使用本身IP地址,不能使用localhost,数据库与WEB放在同一台服务器上,IPTABLES规则如下
[root@IP215 ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:mysql
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:rtsp
ACCEPT tcp -- anywhere anywhere tcp dpt:mice
ACCEPT tcp -- anywhere anywhere tcp dpt:zenginkyo-2
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG
DROP tcp -- anywhere anywhere tcp flags:SYN,RST/SYN,RST
DROP all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
DROP all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
求助如何来设置IPTABLES?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
在output里加一条允许3306端口(默认mysql端口)的规则
把策略更改为这样就行了.
[root@IP215 ~]# iptables -vnL
Chain INPUT (policy DROP 115 packets, 7991 bytes)
pkts bytes target prot opt in out source destination
1519 512K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
3718 403K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 22,80,554,3306,5020,5021,5022
62 7656 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
347 28683 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 9358 packets, 4893K bytes)
pkts bytes target prot opt in out source destination
MySQL使用的是3306端口。
既然数据库和网站都放在同一个服务器上,还用写规则吗?