Solved

SuSE Firewall - FW_REDIRECT

Posted on 2006-06-25
3
1,000 Views
Last Modified: 2012-08-13
NOTE: This may seem like a DB question at first but eventually boils down to a networking question.

I am running a MySQL server on a SuSE 10.1 server. I would like to be able to connect to the same server instance using 2 different ports: 3306 (standard) and 3307. I added an entry into FW_REDIRECT as follows: 0/0,192.168.168.XXX,tcp,3307,3306 This works and allows me to connect to the MySQL server using port 3307 from all computers in my network EXCEPT for the computer running the MySQL server, 192.168.168.XXX. I need this rule or this rule and others to work for 192.168.168.XXX also.

Thanks in advance for any help.

Phil
0
Comment
Question by:MrPickle
  • 2
3 Comments
 
LVL 27

Expert Comment

by:Nopius
ID: 16981731
# for external incoming packets
iptables -t nat -A PREROUTING --destination 192.168.168.XXX --protocol tcp --destination port 3307 -j REDIRECT --to-ports 3306
# for locally generated packets
iptables -t nat -A OUTPUT --destination 192.168.168.XXX --protocol tcp --destination port 3307 -j REDIRECT --to-ports 3306
0
 

Author Comment

by:MrPickle
ID: 16983020
Am I correct in assuming that the SuSE firewall is just a front end GUI for iptables firewall and that there is a configuration file somewhere that I can add the two rules you provided?

Also one more question. I noticed "nat" was in both commands you provided. This computer is not acting as a router or providing nat for the network, I have a hardware appliance I use for those tasks . Do the rules you provided still apply?
0
 
LVL 27

Accepted Solution

by:
Nopius earned 250 total points
ID: 16988520
> Am I correct in assuming that the SuSE firewall is just a front end GUI for iptables firewall
Probably yes. To be sure, execute commands:
iptables -L -t nat
iptables -L -t filter
after you have configured port forwarding via the GUI and copy paste here.

Why probably? Because iptables not the only firewall in Linux, also it may be ipfilter.
Anyway after disabling all rules you have configured in GUI and running these two commands you should have working redirection.

> Do the rules you provided still apply?
Yes, I've tested them before posting. My PC is also not a router.
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question