Iptables: Two IP-Adresses, allow Port 3306 just for one

2023-01-16 15:02 问答作者：

my server has two ip's:

# IP one: 192.168.45.1 (allow MYSQL on Port 3306)
# IP 开发者_运维百科two: 192.168.45.2 (disallow MYSQL on Port 3306)

how can i configure iptables, to drop incoming connections for a specific IP and allow it to the other?

#
# Allow MYSQL-Port only for 192.168.45.1!
#

 /sbin/iptables -A INPUT -p tcp 192.168.45.1 --dport 3306 -j ACCEPT
 /sbin/iptables -A INPUT -p tcp 192.168.45.2 --dport 3306 -j DROP

# END SCRIPT

this seems not to work.. :-(

Rather than enforcing this at the firewall level, have MySQL bind to 192.168.45.1 with the bind-address option. Add this to /etc/my.cnf:

bind-address=192.168.45.1

I think you want:

/sbin/iptables -A INPUT -p tcp -d 192.168.45.1 --dport 3306 -j ACCEPT
/sbin/iptables -A INPUT -p tcp -d 192.168.45.2 --dport 3306 -j DROP

继续阅读：firewall iptables

Iptables: Two IP-Adresses, allow Port 3306 just for one

更多精彩内容

精彩评论

最新问答

央视是哪个频道？

请问买过的朋友，舒提啦旅行箱实际使用体验如何？？

检查不孕不育需要的费用？

海信ULED电视画质有什么不同的地方?？

钉子可以挂的住画框幕布吗？

问答排行榜

王昌瑞《潜梦追凶》剧组庆生新锐演员未来可期？

Is it allowed to ask users to enter credit card details for own payment method?

Escaping "<" in Perl-generated XML

imessage会显示已读吗？

微信重新建群怎么建？