List:General Discussion« Previous MessageNext Message »
From:Mogens Melander Date:May 2 2007 7:31pm
Subject:Re: secure port 3306
View as plain text  
On linux, one could do a port forward:

EXTIF=eth0 # Or whatever the interface that faces internet is called.

iptables -A FORWARD -i $EXTIF -p tcp -s <client-ip> --dport 3306 -j ACCEPT
iptables -A PREROUTING -t nat -p tcp -s <client-ip> \
   -d <linux-fw-ip> --dport 3306 -j DNAT --to <internal-ip>:3306

On Wed, May 2, 2007 17:03, Steven Buehler wrote:
> I have a client that needs to be able to remotely connect to port 3306
> securely.  I have tried to suggest an SSH Tunnel, but they do not want
> their
> clients to have SSH access.  Another problem is that even if we do tunnel,
> it needs to go thru one server that is connected to the Internet and into
> the MySQL server which is NOT accessible from the Internet.
>
> Any suggestions?
>
> Thanks
> Steve
>
>
> --
> MySQL General Mailing List
> For list archives: http://lists.mysql.com/mysql
> To unsubscribe:    http://lists.mysql.com/mysql?unsub=1
>
>
> --
> This message has been scanned for viruses and
> dangerous content by OpenProtect(http://www.openprotect.com), and is
> believed to be clean.
>


-- 
Later

Mogens Melander
+45 40 85 71 38
+66 870 133 224



-- 
This message has been scanned for viruses and
dangerous content by OpenProtect(http://www.openprotect.com), and is
believed to be clean.
Thread
secure port 3306Steven Buehler2 May
  • RE: secure port 3306Jay Blanchard2 May
  • Re: secure port 3306Mogens Melander2 May
  • RE: secure port 3306Steven Buehler4 May
RE: secure port 3306Steven Buehler7 May
  • Re: secure port 3306BJ Swope7 May
  • RE: secure port 3306Mogens Melander7 May
    • RE: secure port 3306Steven Buehler7 May
      • RE: secure port 3306Mogens Melander7 May