[SOLVED] Trouble when connecting to mysql database remotely via port 3306

iamsamhk · 07-23-2011, 07:14 AM

Hi all,

I'm new to linux, and setting up the mysql database server.
I've search for the solution for 4 hours... but I'm failed..
Here are my situation:

OS: CentOS 6
mysql version: 5.5

I tried to use MySQL Administrator to connect to my database on the host 192.168.1.120
and my computer is under the same network with ip: 192.168.1.105

But it shows the error msg:

Could not connect to MySQL instance at 192.168.1.120
Error: Can't connect to MySQL server on '192.168.1.120'(61)(code 2003)

On the server side
I've tried:

Code:

mysql> SHOW VARIABLES LIKE 'skip_networking';
+-----------------+-------+
| Variable_name   | Value |
+-----------------+-------+
| skip_networking | OFF   |
+-----------------+-------+
1 row in set (0.00 sec)

mysql> SHOW VARIABLES LIKE 'port';
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| port          | 3306  |
+---------------+-------+
1 row in set (0.01 sec)

skip_networking is off and I've set the port for it.

When I check the process in OS:

Code:

[samuel.chan@dev etc]$ ps ax | grep mysql
 4308 pts/0    T      0:00 mysql -u xxxxx -p
 5292 pts/1    S+     0:00 mysql -u root -p
11230 pts/2    S      0:00 /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql
11498 pts/2    Sl     0:00 /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock --port=3306
11584 pts/2    S+     0:00 grep mysql

When I try netstat:

Code:

[samuel.chan@dev etc]$ netstat -a | grep mysql
tcp        0      0 *:mysql                     *:*                         LISTEN      
unix  2      [ ACC ]     STREAM     LISTENING     40793  /var/lib/mysql/mysql.sock
unix  3      [ ]         STREAM     CONNECTED     41023  /var/lib/mysql/mysql.sock

I thought it's the problem of firewall, so I have check it also:

Code:

[samuel.chan@dev etc]$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     icmp --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh 
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:mysql 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited 

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Now I have no idea what's the problem, could anyone please advice?

kbp · 07-23-2011, 10:21 AM

Quote:

...
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
ACCEPT tcp -- anywhere anywhere tcp dpt:mysql
...

Here's your problem, you've added the ACCEPT rule after the "deny all" rule - change the order and you'll be fine. Use '-I' to insert the mysql rule at a specific line number above the reject rule or edit the iptables config file and restart the service.

4play · 07-23-2011, 10:44 AM

I have exactly the same problem even when I move the mysql rule before the Default Reject.

If I switch iptables off it works perfectly. I ended up adding another rule for udp traffic being allowed and it now works.

iamsamhk · 07-23-2011, 12:25 PM

Really thanks kbp for helping, it's solved !!