On Sun, Jan 30, 2011 at 20:48, geertsky
<begeert@gmail.com> wrote:
Hello,
I'm having a weird problem I cannot solve...
I have a pptp connection from my house to my server using
192.168.2.0/24 range ip's
I'm trying to make mysql accessible from the 192.168.2.0/24 network.
On the server I've got ufw firewall so I state "ufw insert 4 allow
proto tcp from 192.168.2.0/24 to 192.168.2.1 port 3306"
This gives ufw status numbered:
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 1723/tcp                   ALLOW IN    Anywhere
[ 3] Anywhere                   DENY IN     192.168.254.0/24
[ 4] 192.168.2.1 3306/tcp       ALLOW IN    192.168.2.0/24
[ 5] 192.168.2.1 80/tcp         ALLOW IN    192.168.2.0/24
[ 6] 80/tcp                     ALLOW IN    Anywhere
[ 7] 21/tcp                     ALLOW IN    Anywhere
[ 8] 192.168.2.0/24             DENY IN     192.168.100.0/24
[ 9] 192.168.2.0/24             DENY IN     192.168.1.0/24
[10] 217.148.94.148 25          ALLOW IN    Anywhere
[11] 217.148.94.148 993         ALLOW IN    Anywhere
[12] 217.148.94.148 995         ALLOW IN    Anywhere
looks good I thought...
To test I used netcat because mysqld has some restrictions and to rule
any mysql problems out first just a netcat connection...
so on the server: nc -vl 192.168.2.1 3306
on the client: telnet 192.168.2.1 3306
and it times out, unable to connect...
ping 192.168.2.1 on the client gives replies...
iptables -L on the client gives ACCEPT ACCEPT ACCEPT and no further
rules...
hhm... strange...
After this I've been looking everywhere to find out eventually the
following:
ufw delete 4 #delete the existing mysql accept rule
ufw insert 4 allow proto tcp from 192.168.2.0/24 to 192.168.2.1 port 3307
ufw status numbered gives:
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 1723/tcp                   ALLOW IN    Anywhere
[ 3] Anywhere                   DENY IN     192.168.254.0/24
[ 4] 192.168.2.1 3307/tcp       ALLOW IN    192.168.2.0/24
[ 5] 192.168.2.1 80/tcp         ALLOW IN    192.168.2.0/24
[ 6] 80/tcp                     ALLOW IN    Anywhere
[ 7] 21/tcp                     ALLOW IN    Anywhere
[ 8] 192.168.2.0/24             DENY IN     192.168.100.0/24
[ 9] 192.168.2.0/24             DENY IN     192.168.1.0/24
[10] 217.148.94.148 25          ALLOW IN    Anywhere
[11] 217.148.94.148 993         ALLOW IN    Anywhere
[12] 217.148.94.148 995         ALLOW IN    Anywhere
on the server: nc -vl 192.168.2.1 3307
on the client: telnet 192.168.2.1 3307
Connected to 192.168.2.1.
Escape character is '^]'.!!!!!!!!!!!!
and I can chat as I'm supposed to be able to using nc.
Apparently there is somewhere in the OS a rule which disables access
to port 3306, but it's not an iptables rule...
Does anyone have an idea what apart from iptables controls network
traffic?
Thanks cause I'm completely lost...
Greetings,
Geert
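
Added example, not part of the original message: a small first-match evaluator run over the first "ufw status numbered" listing above, to check which listed rule a given connection would hit. The client address 192.168.2.10 and the function names are constructed for illustration, and the code models only the rules shown in the listing, not any other netfilter rules on the host.

```python
import ipaddress
import re

# Rule lines copied from the first listing in the post (sample input).
UFW_STATUS = """\
[ 1] 22/tcp ALLOW IN Anywhere
[ 2] 1723/tcp ALLOW IN Anywhere
[ 3] Anywhere DENY IN 192.168.254.0/24
[ 4] 192.168.2.1 3306/tcp ALLOW IN 192.168.2.0/24
[ 5] 192.168.2.1 80/tcp ALLOW IN 192.168.2.0/24
[ 6] 80/tcp ALLOW IN Anywhere
[ 7] 21/tcp ALLOW IN Anywhere
[ 8] 192.168.2.0/24 DENY IN 192.168.100.0/24
[ 9] 192.168.2.0/24 DENY IN 192.168.1.0/24
[10] 217.148.94.148 25 ALLOW IN Anywhere
[11] 217.148.94.148 993 ALLOW IN Anywhere
[12] 217.148.94.148 995 ALLOW IN Anywhere
"""
RULE_RE = re.compile(r"\[\s*(\d+)\]\s+(.+?)\s+(ALLOW|DENY|REJECT|LIMIT) IN\s+(\S+)")

def parse_rules(text):
    """Parse 'ufw status numbered' rule lines into dicts (None means 'any')."""
    rules = []
    for m in filter(None, map(RULE_RE.match, text.splitlines())):
        num, to, action, src = m.groups()
        rule = {"num": int(num), "action": action, "dst": None, "port": None,
                "proto": None,
                "src": None if src == "Anywhere" else ipaddress.ip_network(src)}
        for tok in to.split():
            if re.fullmatch(r"\d+(/(tcp|udp))?", tok):   # port or port/proto
                port, _, proto = tok.partition("/")
                rule["port"], rule["proto"] = int(port), proto or None
            elif tok != "Anywhere":                       # destination address
                rule["dst"] = ipaddress.ip_network(tok)
        rules.append(rule)
    return rules

def first_match(rules, src, dst, port, proto="tcp"):
    """Return (number, action) of the first listed rule that matches, or None."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if ((r["src"] is None or src in r["src"])
                and (r["dst"] is None or dst in r["dst"])
                and (r["port"] is None or r["port"] == port)
                and (r["proto"] is None or r["proto"] == proto)):
            return r["num"], r["action"]
    return None  # no listed rule matched; the default policy decides

RULES = parse_rules(UFW_STATUS)
print(first_match(RULES, "192.168.2.10", "192.168.2.1", 3306))
```

For the listing above, a TCP connection from the constructed client to 192.168.2.1 port 3306 hits rule 4, so the listed ufw rules on their own do not account for the timeout.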