IP Tables Add Open Port 3306

Hi,

Can anyone help me open port 3306 on CentOS 5 for my localhost (127.0.0.1)? Currently I have this list from iptables -L:

 
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere
 
Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere
 
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
 
Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT ipv6-crypt-- anywhere anywhere
ACCEPT ipv6-auth-- anywhere anywhere
ACCEPT udp -- anywhere 0.0.0.1 udp dpt:5353
ACCEPT udp -- anywhere anywhere udp dpt:ipp
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:8089
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:8003
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:8004
ACCEPT udp -- anywhere anywhere state NEW udp dpt:snmp
ACCEPT udp -- anywhere anywhere state NEW udp dpt:snmptrap
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:shell
ACCEPT udp -- anywhere anywhere state NEW udp dpt:syslog
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:10050
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:10051
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:8042
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:8043
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ldap
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:8044
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:8047
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:8048
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited

Thanks in Advance,
FSPalero

---------- Post updated at 06:04 PM ---------- Previous update was at 05:18 PM ----------

I did these steps:

# iptables -A INPUT -p tcp -s 127.0.0.1 --dport 3306 -j ACCEPT
 
# service iptables restart
 
# iptables -L -n -v
 
# iptables -L -n
 
# netstat -tulpn | more

But I still can't listen on/open the port. Any workaround, please?

A few things to check first:

  1. Are you sure that MySQL is actually running? Opening the firewall won't automatically start the service that could be listening to that port.
  2. Are you sure that you need to open the firewall? MySQL uses a local socket on the filesystem if the access is done from the same machine the service runs on.

Hi Pludi,

I'm using MySQL, with this command:

[root]# /etc/init.d/mysql start
Starting MySQL                                             [  OK  ]
Checking Database socket .................................Database is not running

[root]# mysqladmin version
mysqladmin: connect to server at 'localhost' failed
error: 'Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)'
Check that mysqld is running and that the socket: '/tmp/mysql.sock' exists!

########
#my.cnf
########
[manager]
default-mysqld-path = /firescope/mysql/bin/mysqld
socket=/tmp/manager.sock
log=/firescope_data/mysqlmanager.err
pid-file=/firescope_data/mysqlmanager.pid
angel-pid-file=/firescope_data/mysqlmanager.angel.pid
password-file=/etc/.mysqlmanager.passwd
monitoring-interval = 20
port = 3406
bind-address = 127.0.0.1
run-as-service

# The following options will be passed to all MySQL clients
[client]
#password       = your_password
port            = 3306
socket          =/tmp/mysql.sock

# The MySQL server
[mysqld]
port            = 3306
socket          = /tmp/mysql.sock
skip-locking
pid-file        = /firescope_data/mysqld.pid
log-error       = /firescope_data/mysql.err
basedir         = /firescope/mysql
datadir         = /firescope_data
innodb_data_home_dir = /firescope_data/
innodb_data_file_path = ibdata1:256M:autoextend
innodb_log_group_home_dir = /firescope_data/
innodb_log_arch_dir = /firescope_data/
innodb_buffer_pool_size = 768M
innodb_additional_mem_pool_size = 32M
# Set .._log_file_size to 25 % of buffer pool size
innodb_log_file_size = 192M
innodb_log_buffer_size = 64M
innodb_flush_log_at_trx_commit = 1
innodb_lock_wait_timeout = 50

[mysqldump]
quick
max_allowed_packet = 16M

[mysql]
no-auto-rehash

[isamchk]
key_buffer = 128M
sort_buffer_size = 128M
read_buffer = 2M
write_buffer = 2M

[myisamchk]
key_buffer = 128M
sort_buffer_size = 128M
read_buffer = 2M
write_buffer = 2M

[mysqlhotcopy]
interactive-timeout

[mysqld_safe]
ledir==/usr/bin

!includedir /etc/mysql.d

Regards,
FSPalero

I suggest you turn off your firewall altogether (service iptables stop) and check if mysql starts.

[root]# service iptables stop
Flushing firewall rules:                                   [  OK  ]
Setting chains to policy ACCEPT: filter                    [  OK  ]
Unloading iptables modules:                                [  OK  ]

[root]# /etc/init.d/mysql start
Starting MySQL                                             [  OK  ]
Checking Database socket .................................Database is not running

OK, the problem is apparently not a firewall issue. Have you got SELinux turned on or off? If turned on, please turn it off and try again.

What are the relevant contents of the error logs (/firescope_data/mysql.err and /firescope_data/mysqlmanager.err)?
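The checks suggested so far (is anything listening on the port, does the socket exist, what does the error log say) can be run as one triage step. This is an added example, not part of any post in the thread; the function names and the sample netstat and log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): decide whether a failed MySQL
# connection is a firewall question or a daemon that never came up.

# port_listening PORT < netstat-output
# Succeeds if a TCP socket is in LISTEN state on PORT
# (column layout of `netstat -tln` / `netstat -tulpn`).
port_listening() {
    awk -v p="$1" '$1 ~ /^tcp/ && $6 == "LISTEN" && $4 ~ (":" p "$") { hit = 1 }
                   END { exit !hit }'
}

# triage NETSTAT_FILE SOCKET_PATH ERROR_LOG PORT
# Prints one of: listening | daemon-failed | not-started
triage() {
    if port_listening "$4" < "$1" || [ -S "$2" ]; then
        echo listening        # daemon is up: firewall and bind-address are worth checking
    elif grep -qF '[ERROR]' "$3" 2>/dev/null; then
        echo daemon-failed    # mysqld aborted at startup: read the log, the firewall is not the cause
    else
        echo not-started      # nothing listening and nothing logged: the service was never started
    fi
}

# Demo on constructed sample input: a manager process listens on 3406,
# nothing listens on 3306, and the error log records an aborted start.
demo() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/netstat.txt" <<'EOF'
Proto Recv-Q Send-Q Local Address   Foreign Address State  PID/Program name
tcp        0      0 127.0.0.1:3406  0.0.0.0:*       LISTEN 8043/mysqlmanager
tcp        0      0 0.0.0.0:22      0.0.0.0:*       LISTEN 2101/sshd
EOF
    cat > "$tmp/mysql.err" <<'EOF'
110809 10:22:07 [ERROR] Default storage engine (InnoDB) is not available
110809 10:22:07 [ERROR] Aborting
EOF
    triage "$tmp/netstat.txt" "$tmp/mysql.sock" "$tmp/mysql.err" 3306
    rm -rf "$tmp"
}

demo

# On a live host, with the paths from the my.cnf posted above:
#   netstat -tln > /tmp/ns.txt
#   triage /tmp/ns.txt /tmp/mysql.sock /firescope_data/mysql.err 3306
```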

Hi fpmurphy,

I tried with SELinux off and on, but it did not work. Here is the list below:

mysql.err

InnoDB: No valid checkpoint found.
InnoDB: If this error appears when you are creating an InnoDB database,
InnoDB: the problem may be that during an earlier attempt you managed
InnoDB: to create the InnoDB data files, but log file creation failed.
InnoDB: If that is the case, please refer to
InnoDB: http://dev.mysql.com/doc/refman/5.0/en/error-creating-innodb.html
110809 10:22:07 [ERROR] Default storage engine (InnoDB) is not available
110809 10:22:07 [ERROR] Aborting

110809 10:22:07 [Note] /firescope/mysql/bin/mysqld: Shutdown complete

mysqlmanager.err

110809 10:20:52 loaded user root
110809 10:20:52 IM pid file: '/firescope_data/mysqlmanager.pid'; PID: 8032.
110809 10:21:01 guardian: starting instance 'mysqld'...
110809 10:21:01 Listener_thread::run(): bind(ip socket) failed, 'Address already in use'
110809 10:21:01 Listener: failed to initialize. Initiate shutdown...
110809 10:21:01 starting instance 'mysqld'...
110809 10:21:02 angel(): mysqlmanager exited abnormally (exit code: 256):respawning...
110809 10:21:03 Angel pid file: '/firescope_data/mysqlmanager.angel.pid'; PID: 7878.
110809 10:21:04 loaded user root
110809 10:21:04 IM pid file: '/firescope_data/mysqlmanager.pid'; PID: 8043.
110809 10:21:13 guardian: starting instance 'mysqld'...
110809 10:21:13 starting instance 'mysqld'...
110809 10:21:13 accepting connections on ip socket (port: 3406)
110809 10:21:14 accepting connections on unix socket '/tmp/manager.sock'

Regards,
FSPalero

---------- Post updated at 10:55 AM ---------- Previous update was at 10:34 AM ----------

Actually, this was set up by my colleague, who resigned without a proper turnover. It was working before. Suddenly it became very slow because storage was 100% used, occupied by ibdata1, ib_logfile0 and ib_logfile1. Then, according to documents I found on Google, I followed the instructions to stop MySQL and deleted the 3 files, then started MySQL. That is when the mysql.sock error appeared.

Those innodb files are only safe to delete when you're not using innodb. If they were big, they almost certainly held data. Probably best to restore them.

Rule #1 is never delete anything you can't restore. Always back it up somewhere.