SuSE Firewall - FW_REDIRECT

NOTE: This may seem like a DB question at first but eventually boils down to a networking question.

I am running a MySQL server on a SuSE 10.1 server. I would like to be able to connect to the same server instance using 2 different ports: 3306 (standard) and 3307. I added an entry into FW_REDIRECT as follows: 0/0,192.168.168.XXX,tcp,3307,3306 This works and allows me to connect to the MySQL server using port 3307 from all computers in my network EXCEPT for the computer running the MySQL server, 192.168.168.XXX. I need this rule or this rule and others to work for 192.168.168.XXX also.

Thanks in advance for any help.

Phil
MrPickleAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
NopiusConnect With a Mentor Commented:
> Am I correct in assuming that the SuSE firewall is just a front end GUI for iptables firewall
Probably yes. To be sure, execute commands:
iptables -L -t nat
iptables -L -t filter
after you have configured port forwarding via the GUI and copy paste here.

Why probably? Because iptables not the only firewall in Linux, also it may be ipfilter.
Anyway after disabling all rules you have configured in GUI and running these two commands you should have working redirection.

> Do the rules you provided still apply?
Yes, I've tested them before posting. My PC is also not a router.
0
 
NopiusCommented:
# for external incoming packets
iptables -t nat -A PREROUTING --destination 192.168.168.XXX --protocol tcp --destination port 3307 -j REDIRECT --to-ports 3306
# for locally generated packets
iptables -t nat -A OUTPUT --destination 192.168.168.XXX --protocol tcp --destination port 3307 -j REDIRECT --to-ports 3306
0
 
MrPickleAuthor Commented:
Am I correct in assuming that the SuSE firewall is just a front end GUI for iptables firewall and that there is a configuration file somewhere that I can add the two rules you provided?

Also one more question. I noticed "nat" was in both commands you provided. This computer is not acting as a router or providing nat for the network, I have a hardware appliance I use for those tasks . Do the rules you provided still apply?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.