Cannot connect to MySQL Server on RHEL 5.7

Posted by Jeffrey Wong on Server Fault See other posts from Server Fault or by Jeffrey Wong
Published on 2012-02-22T07:59:14Z Indexed on 2013/07/02 23:09 UTC
Read the original article Hit count: 397

Filed under:
|
|

I have a standard MySQL Server running on Red hat 5.7. I have edited /etc/my.cnf to specify the bind address as my server's public IP address.

[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1

# Disabling symbolic-links is recommended to prevent assorted security risks    ;
# to do so, uncomment this line:
# symbolic-links=0

[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid

bind-address=171.67.88.25
port=3306

And I have also restarted my firewall

sudo /sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3306 -j ACCEPT
/sbin/service iptables save

The network administrator has already opened port 3306 for this box. When connecting from a remote computer (running Ubuntu 10.10, server is running RHEL 5.7), I issue

mysql -u jeffrey -p --host=171.67.88.25 --port=3306 --socket=/var/lib/mysql/mysql.sock

but receive a ERROR 2003 (HY000): Can't connect to MySQL server on '171.67.88.25' (113).

I've noticed that the socket file /var/lib/mysql/mysql.sock is blank. Should this be the case?

UPDATE

The result of netstat -an | grep 3306

tcp    0  0 0.0.0.0:3306            0.0.0.0:*               LISTEN  

Result of sudo netstat -tulpen

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       User       Inode      PID/Program name   
tcp        0      0 127.0.0.1:2208              0.0.0.0:*                   LISTEN      0          7602       3168/hpiod          
tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN      27         7827       3298/mysqld         
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      0          5110       2802/portmap        
tcp        0      0 0.0.0.0:8787                0.0.0.0:*                   LISTEN      0          8431       3326/rserver        
tcp        0      0 0.0.0.0:915                 0.0.0.0:*                   LISTEN      0          5312       2853/rpc.statd      
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      0          7655       3188/sshd           
tcp        0      0 127.0.0.1:631               0.0.0.0:*                   LISTEN      0          7688       3199/cupsd          
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      0          8025       3362/sendmail: acce 
tcp        0      0 127.0.0.1:2207              0.0.0.0:*                   LISTEN      0          7620       3173/python         
udp        0      0 0.0.0.0:909                 0.0.0.0:*                               0          5300       2853/rpc.statd      
udp        0      0 0.0.0.0:912                 0.0.0.0:*                               0          5309       2853/rpc.statd      
udp        0      0 0.0.0.0:68                  0.0.0.0:*                               0          4800       2598/dhclient       
udp        0      0 0.0.0.0:36177               0.0.0.0:*                               70         8314       3476/avahi-daemon:  
udp        0      0 0.0.0.0:5353                0.0.0.0:*                               70         8313       3476/avahi-daemon:  
udp        0      0 0.0.0.0:111                 0.0.0.0:*                               0          5109       2802/portmap        
udp        0      0 0.0.0.0:631                 0.0.0.0:*                               0          7691       3199/cupsd 

Result of sudo /sbin/iptables -L -v -n

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in     out     source               destination         
6373 2110K RH-Firewall-1-INPUT  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in     out     source               destination         
0     0 RH-Firewall-1-INPUT  all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT (policy ACCEPT 1241 packets, 932K bytes)
pkts bytes target     prot opt in     out     source               destination         

Chain RH-Firewall-1-INPUT (2 references)
pkts bytes target     prot opt in     out     source               destination         
572  861K ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           
1    28 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           icmp type 255 
0     0 ACCEPT     esp  --  *      *       0.0.0.0/0            0.0.0.0/0           
0     0 ACCEPT     ah   --  *      *       0.0.0.0/0            0.0.0.0/0           
46  6457 ACCEPT     udp  --  *      *       0.0.0.0/0            224.0.0.251         udp dpt:5353 
0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:631 
0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:631 
782  157K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
2   120 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22 
0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:443 
0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:23 
0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80 
4970 1086K REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 

Result of nmap -P0 -p3306 171.67.88.25

Host is up (0.027s latency).
PORT     STATE    SERVICE
3306/tcp filtered mysql
Nmap done: 1 IP address (1 host up) scanned in 0.09 seconds

Solution

When everything else fails, go GUI! system-config-securitylevel and add port 3306. All done!

© Server Fault or respective owner

Related posts about mysql

Related posts about database