Linux Apps Tutorials - Herong's Tutorial Examples - v1.02, by Herong Yang
Open Firewall for MySQL Server on CentOS
This section provides a tutorial example on how to setup MySQL server and firewall to client computers to use TCP/IP connections on CentOS 8 systems.
If you want client programs from other computers to use the TCP/IP connection of the MySQL server on CentOS systems, you can follow what I did on my CentOS 8 computer.
1. Make sure that MySQL server is listening on an IP address with a given port number. I see that the server is listening on 192.168.1.100:3306 using these commands on server. Remember that "bind_address=*" supports any IP address used by the server.
herong$ ifconfig eno1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.1.100 netmask 255.255.255.0 broadcast 192.168.1.255 ... herong$ mysql -u root -p mysql> show variables like 'bind_address'; +---------------------+-------+ | Variable_name | Value | +---------------------+-------+ | bind_address | * | +---------------------+-------+ mysql> show variables like 'port'; +---------------+-------+ | Variable_name | Value | +---------------+-------+ | port | 3306 | +---------------+-------+
2. Make sure that my MySQL user accounts covers my computer IP address. I see that my computer IP address 192.168.1.11 is covered:
(On the server) herong$ mysql -u root -p mysql> select user, host from mysql.user; +------------------+--------------+ | user | host | +------------------+--------------+ | herong | localhost | | herong | 127.0.0.1 | | herong | 192.168.1.% | +------------------+--------------+ (On my computer) herong$ ifconfig en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet 192.168.1.11 netmask 0xffffff00 broadcast 192.168.1.255
3. Checking IP address and port connection from my computer to the server. I see that my computer can reach the server, but not the port 3306.
(On my computer) herong$ ping 192.168.1.100 PING 192.168.1.100 (192.168.1.100): 56 data bytes 64 bytes from 192.168.1.100: icmp_seq=0 ttl=64 time=4.548 ms 64 bytes from 192.168.1.100: icmp_seq=1 ttl=64 time=2.308 ms ... herong$ telnet 192.168.1.100 3306 Trying 192.168.1.100... telnet: connect to address 192.168.1.100: Connection refused telnet: Unable to connect to remote host
4. Open the firewall on the MySQL server for port 3306. These commands opens port 3306 for all computers on the Internet. I need to add more restrictions later.
(On the server) herong$ sudo firewall-cmd --zone=public --add-port=3306/tcp herong$ sudo firewall-cmd --runtime-to-permanent
5. Checking IP address and port connection from my computer to the server again. I see that the TCP/IP connection is open.
herong$ telnet 192.168.1.100 3306 Trying 192.168.1.100... Connected to 192.168.1.100. Escape character is '^]'. J 8.0.17/1TZi76?l...
6. Finally, connect to MySQL server from my client computer:
herong$ /usr/local/mysql/bin/mysql -u herong -h 192.168.1.100 -p Enter password: TopSecret<Enter> mysql>
Cool! I was able to setup MySQL server and firewall to for TCP/IP connection from my client computer.
Table of Contents
Running Apache Web Server (httpd) on Linux Systems
Running PHP Scripts on Linux Systems
►Running MySQL Database Server on Linux Systems
Install MySQL Database Server on CentOS
Manage MySQL Server 'mysqld' on CentOS
Set MySQL Server "root" Password on CentOS
MySQL Server File Locations on CentOS
MySQL Server Data Backups on CentOS
MySQL Server Log Files on CentOS
MySQL Server Socket Connection on CentOS
MySQL Server TCP/IP Connection on CentOS
►Open Firewall for MySQL Server on CentOS
"Server sent charset unknown to the client" Error
Performance of Inserting Integers to MySQL Database
Performance Comparison of Inserting Integers vs. Strings
Running Python Scripts on Linux Systems
Conda - Environment and Package Manager