firewalld,

FirewallD allow MySQL remote access

Dec 06, 2021 · 1 min read · Post a comment
FirewallD allow MySQL remote access

On most of the RHEL based distributions, FirewallD comes as a default firewall and it’s configured to pass only ssh connections by default. Therefore in this tutorial, I’m going to show you how to create a new zone and allow MySQL remote access for a specific IP address.

Prerequisites

  • FirewallD
  • sudo user

Allow MySQL remote access in FirewallD

Step 1. Create a new zone:

firewall-cmd --new-zone=mysql-access --permanent

Step 2. To apply the new changes reload the firewalld:

firewall-cmd --reload

If you want to double check and list the firewalld zones run:

firewall-cmd --get-zones

Step 3. First add the IP address that you want to allow:

firewall-cmd --zone=mysql-access --add-source=96.52.17.9/32 --permanent

Step 4. I’m going to add the default MySQL port 3306. If you use your own custom port change it in the rule:

firewall-cmd --zone=mysql-access --add-port=3306/tcp  --permanent

Step 5. Reload the firewalld to apply the new changes:

firewall-cmd --reload

Step 6. To make sure that the mysql-access zone is correctly configured run:

firewall-cmd --zone=mysql-access --list-all

Output

mysql-access (active)
  target: default
  icmp-block-inversion: no
  interfaces:
  sources: 96.52.17.9/32
  services:
  ports: 3306/tcp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

Now you should be able to establish a connection between your MySQL server and your machine.

Conclusion

If you need some specific rules to be enabled or disabled regarding MySQL in FirewallD config please put a comment below. Feel free to leave a comment below and if you find this tutorial useful, follow our official channel on telegram.