Iptables

What should be the iptables rule so that only the subnet 64.61.11.224/255.255.255.248 may access the MySQL port 3306?

Make sure that the default policy is 'DROP' or 'REJECT', and use these rules:

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp -s 64.61.11.224/29 --dport 3306 -m state --state NEW -j ACCEPT
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
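
The rules above write the question's 255.255.255.248 netmask as /29. The following is an added example, not part of the original answer, that checks that conversion and shows which source addresses `-s 64.61.11.224/29` covers; the function names are hypothetical helpers and the probe addresses are constructed.

```shell
#!/bin/sh
# Added example: helper names are hypothetical, not iptables commands.

# Convert dotted-quad A.B.C.D to a 32-bit integer.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Convert a dotted netmask to a prefix length; fail on non-contiguous masks.
mask_to_prefix() {
    m=$(ip_to_int "$1")
    prefix=0
    bit=31
    # Count the leading 1 bits.
    while [ "$bit" -ge 0 ] && [ $(( (m >> bit) & 1 )) -eq 1 ]; do
        prefix=$((prefix + 1)); bit=$((bit - 1))
    done
    # Every remaining (host) bit must be zero.
    if [ "$bit" -ge 0 ] && [ $(( m & ((1 << (bit + 1)) - 1) )) -ne 0 ]; then
        echo "non-contiguous netmask: $1" >&2
        return 1
    fi
    echo "$prefix"
}

# in_subnet IP NETWORK PREFIX: exit status 0 if IP is inside NETWORK/PREFIX.
in_subnet() {
    ip=$(ip_to_int "$1"); net=$(ip_to_int "$2")
    mask=$(( (4294967295 << (32 - $3)) & 4294967295 ))
    [ $(( ip & mask )) -eq $(( net & mask )) ]
}

# Constructed probe addresses around the edges of the allowed block.
p=$(mask_to_prefix 255.255.255.248)
for src in 64.61.11.223 64.61.11.224 64.61.11.231 64.61.11.232; do
    if in_subnet "$src" 64.61.11.224 "$p"; then
        echo "$src matches -s 64.61.11.224/$p"
    else
        echo "$src does not match; falls through to the default policy"
    fi
done
```

The /29 covers the eight addresses 64.61.11.224 through 64.61.11.231; any other source matches no ACCEPT rule for a new connection to port 3306.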