Solved

SuSE Firewall - FW_REDIRECT

Posted on 2006-06-25
3
1,016 Views
Last Modified: 2012-08-13
NOTE: This may seem like a DB question at first but eventually boils down to a networking question.

I am running a MySQL server on a SuSE 10.1 server. I would like to be able to connect to the same server instance using 2 different ports: 3306 (standard) and 3307. I added an entry into FW_REDIRECT as follows: 0/0,192.168.168.XXX,tcp,3307,3306 This works and allows me to connect to the MySQL server using port 3307 from all computers in my network EXCEPT for the computer running the MySQL server, 192.168.168.XXX. I need this rule or this rule and others to work for 192.168.168.XXX also.

Thanks in advance for any help.

Phil
0
Comment
Question by:MrPickle
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 27

Expert Comment

by:Nopius
ID: 16981731
# for external incoming packets
iptables -t nat -A PREROUTING --destination 192.168.168.XXX --protocol tcp --destination port 3307 -j REDIRECT --to-ports 3306
# for locally generated packets
iptables -t nat -A OUTPUT --destination 192.168.168.XXX --protocol tcp --destination port 3307 -j REDIRECT --to-ports 3306
0
 

Author Comment

by:MrPickle
ID: 16983020
Am I correct in assuming that the SuSE firewall is just a front end GUI for iptables firewall and that there is a configuration file somewhere that I can add the two rules you provided?

Also one more question. I noticed "nat" was in both commands you provided. This computer is not acting as a router or providing nat for the network, I have a hardware appliance I use for those tasks . Do the rules you provided still apply?
0
 
LVL 27

Accepted Solution

by:
Nopius earned 250 total points
ID: 16988520
> Am I correct in assuming that the SuSE firewall is just a front end GUI for iptables firewall
Probably yes. To be sure, execute commands:
iptables -L -t nat
iptables -L -t filter
after you have configured port forwarding via the GUI and copy paste here.

Why probably? Because iptables not the only firewall in Linux, also it may be ipfilter.
Anyway after disabling all rules you have configured in GUI and running these two commands you should have working redirection.

> Do the rules you provided still apply?
Yes, I've tested them before posting. My PC is also not a router.
0

Featured Post

Enroll in June's Course of the Month

June’s Course of the Month is now available! Experts Exchange’s Premium Members, Team Accounts, and Qualified Experts have access to a complimentary course each month as part of their membership—an extra way to sharpen your skills and increase training.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question