iptables how to close mysql port 3306

Brenda Radford brkittycat at verizon.net
Mon Apr 3 20:33:08 UTC 2006


Ted Potter wrote:

>
> Greetings,
>
> have a machine with kernel  2.4.21-27.0.2.EL
>
> can someone please provide the command line for using iptables to 
> close off port 3306 so remote
> mysql user can not attach to the mysqlserver running on this box.
>
> To make it fun, no I can not install anything. No there is no GUI. 
> Everything I do must be from
> the command line on the box. Bout the only blessing is I can ssh in to 
> the box as root.
>
> Thanks for any who care to play and share.
>
> PS
>
> I tried the following:
>
> iptables -A INPUT -p tcp -d 3306 -j REJECT
>
> then I see
>
> iptables --list
> REJECT tcp -- anywhere 0.0.12.234 reject-with icmp-port-unreachable
>
> and I can still log on to the server remotely.
>
>
> Thanks again.
> (because it is Monday after 4-1 and the joker decided to wait!)
>
> -- 
> Ted Potter
> tpotter at techmarin.com


The -d 3306  should be --dports 3306.   -d is for destination IP 
addresses.  --dports is for destination ports.
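
Why the listing in the question shows `0.0.12.234`, as an added example that is not part of the original thread: `-d` takes an address, and the bare number 3306 is read as the 32-bit address 0.0.12.234, so the rule never matches traffic to the MySQL port. The helper names `int_to_ipv4` and `lint_rule` are hypothetical, the sample rules are constructed, and the port-based rule uses the tcp match's singular `--dport` (the plural `--dports` belongs to `-m multiport`).

```sh
#!/bin/sh
# Added example (hypothetical helpers, constructed sample rules).

# Convert a bare integer to the dotted-quad address it is stored as
# when given to -s/-d. 3306 = 12*256 + 234, hence 0.0.12.234.
int_to_ipv4() {
    printf '%d.%d.%d.%d\n' \
        $(( ($1 >> 24) & 255 )) $(( ($1 >> 16) & 255 )) \
        $(( ($1 >> 8) & 255 ))  $(( $1 & 255 ))
}

# Check one iptables command line. If an address option is followed by a
# bare integer, print what it really matches and return non-zero.
# The body runs in a subshell so "set -f" (no globbing) does not leak out.
lint_rule() (
    set -f
    prev="" status=0
    for tok in $1; do
        case "$prev" in
            -d|--destination|-s|--source)
                case "$tok" in
                    ''|*[!0-9]*) ;;   # not a bare integer: a real address or name
                    *)  echo "$prev $tok is parsed as address $(int_to_ipv4 "$tok"), not as a port"
                        status=1 ;;
                esac ;;
        esac
        prev=$tok
    done
    [ "$status" -eq 0 ]
)

# Constructed sample input: the rule from the question and a port-based one.
BAD_RULE='iptables -A INPUT -p tcp -d 3306 -j REJECT'
GOOD_RULE='iptables -A INPUT -p tcp --dport 3306 -j REJECT'

lint_rule "$BAD_RULE" || true
lint_rule "$GOOD_RULE" && echo "clean: $GOOD_RULE"
```

On the box itself, `iptables -L INPUT -n` shows a port match as `tcp dpt:3306` in the rule's last column, while the mistaken rule shows `0.0.12.234` in the destination column. The mistaken rule stays in the chain until it is deleted, for example with the same specification and `-D` in place of `-A`.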




More information about the Redhat-install-list mailing list