Posted on 2011-09-07
I want to open up a hole in the firewall for mysql access. from my search, I got these two commands
iptables -A INPUT -p tcp -s <clientip> --sport 1024:65535 -d <serverid> --dport 3306 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -s 7<serverip> --sport 3306 -d <clientip> --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
I ran them both on the server (is that correct?), and iptables -L confirm they took effect. but can not make connection from the client.
any one see anything wrong?