Cannot connect to MySQL Server on RHEL 5.7
Posted
by
Jeffrey Wong
on Server Fault
See other posts from Server Fault
or by Jeffrey Wong
Published on 2012-02-22T07:59:14Z
Indexed on
2013/07/02
23:09 UTC
Read the original article
Hit count: 393
I have a standard MySQL Server running on Red hat 5.7. I have edited /etc/my.cnf to specify the bind address as my server's public IP address.
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1
# Disabling symbolic-links is recommended to prevent assorted security risks ;
# to do so, uncomment this line:
# symbolic-links=0
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
bind-address=171.67.88.25
port=3306
And I have also restarted my firewall
sudo /sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3306 -j ACCEPT
/sbin/service iptables save
The network administrator has already opened port 3306 for this box. When connecting from a remote computer (running Ubuntu 10.10, server is running RHEL 5.7), I issue
mysql -u jeffrey -p --host=171.67.88.25 --port=3306 --socket=/var/lib/mysql/mysql.sock
but receive a ERROR 2003 (HY000): Can't connect to MySQL server on '171.67.88.25' (113).
I've noticed that the socket file /var/lib/mysql/mysql.sock is blank. Should this be the case?
UPDATE
The result of netstat -an | grep 3306
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
Result of sudo netstat -tulpen
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 127.0.0.1:2208 0.0.0.0:* LISTEN 0 7602 3168/hpiod
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 27 7827 3298/mysqld
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 0 5110 2802/portmap
tcp 0 0 0.0.0.0:8787 0.0.0.0:* LISTEN 0 8431 3326/rserver
tcp 0 0 0.0.0.0:915 0.0.0.0:* LISTEN 0 5312 2853/rpc.statd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 0 7655 3188/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 0 7688 3199/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 0 8025 3362/sendmail: acce
tcp 0 0 127.0.0.1:2207 0.0.0.0:* LISTEN 0 7620 3173/python
udp 0 0 0.0.0.0:909 0.0.0.0:* 0 5300 2853/rpc.statd
udp 0 0 0.0.0.0:912 0.0.0.0:* 0 5309 2853/rpc.statd
udp 0 0 0.0.0.0:68 0.0.0.0:* 0 4800 2598/dhclient
udp 0 0 0.0.0.0:36177 0.0.0.0:* 70 8314 3476/avahi-daemon:
udp 0 0 0.0.0.0:5353 0.0.0.0:* 70 8313 3476/avahi-daemon:
udp 0 0 0.0.0.0:111 0.0.0.0:* 0 5109 2802/portmap
udp 0 0 0.0.0.0:631 0.0.0.0:* 0 7691 3199/cupsd
Result of sudo /sbin/iptables -L -v -n
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
6373 2110K RH-Firewall-1-INPUT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 RH-Firewall-1-INPUT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 1241 packets, 932K bytes)
pkts bytes target prot opt in out source destination
Chain RH-Firewall-1-INPUT (2 references)
pkts bytes target prot opt in out source destination
572 861K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
1 28 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 255
0 0 ACCEPT esp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT ah -- * * 0.0.0.0/0 0.0.0.0/0
46 6457 ACCEPT udp -- * * 0.0.0.0/0 224.0.0.251 udp dpt:5353
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:631
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:631
782 157K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
2 120 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:23
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
4970 1086K REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Result of nmap -P0 -p3306 171.67.88.25
Host is up (0.027s latency).
PORT STATE SERVICE
3306/tcp filtered mysql
Nmap done: 1 IP address (1 host up) scanned in 0.09 seconds
Solution
When everything else fails, go GUI! system-config-securitylevel
and add port 3306. All done!
© Server Fault or respective owner