> At 08:19 9/4/2003 -0500, you wrote:
> >For instance (and somebody please verify this, as I'm just learning to craft
> >my own iptables rules):
> >
> >php machine: 192.168.1.100
> >mysql machine: 192.168.1.101
> >
> >iptables rule on the mysql machine:
> >
> >-A RH-Lokkit-0-50-INPUT -p tcp -m tcp -s 192.168.1.100/32 --dport 3306 --syn -j ACCEPT
> >-A RH-Lokkit-0-50-INPUT -p udp -m udp -s 192.168.1.100/32 --dport 3306 -j ACCEPT
>
> I don't believe you need UDP for anything, so it should only be the first
> rule. What is the "-m tcp" in there?
>
> As an aside, and since we were on the subject yesterday, just for fun the
> Shorewall rule is something like (in the form "action from to protocol port"):
>
> ACCEPT loc:192.168.1.100 loc:192.168.1.101 tcp 3306

Actually, I don't know whether MySQL uses udp or not, but the /etc/services
file shows both tcp and udp ports for mysql, so I put them both in.

Ben
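
Added example, not part of the original thread: a small audit that reads rule lines in the form quoted above and reports every ACCEPT on port 3306 that is wider than "TCP from the PHP host only", the policy the quoted reply suggests. The function names are hypothetical, and the last two sample rules are constructed for illustration.

```python
import ipaddress
import shlex

MYSQL_PORT = "3306"
FLAGS = {"-A": "chain", "-p": "proto", "-s": "source", "--dport": "dport", "-j": "target"}

# First two rules are the ones quoted in the thread; the last two are
# constructed here to show the other ways a rule can be too wide.
SAMPLE_RULES = [
    "-A RH-Lokkit-0-50-INPUT -p tcp -m tcp -s 192.168.1.100/32 --dport 3306 --syn -j ACCEPT",
    "-A RH-Lokkit-0-50-INPUT -p udp -m udp -s 192.168.1.100/32 --dport 3306 -j ACCEPT",
    "-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 3306 --syn -j ACCEPT",
    "-A RH-Lokkit-0-50-INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport 3306 --syn -j ACCEPT",
]

def parse_rule(line):
    """Extract the fields audited below from one '-A CHAIN ...' rule line."""
    tokens = shlex.split(line)
    rule = dict.fromkeys(FLAGS.values())
    for flag, value in zip(tokens, tokens[1:]):
        if flag in FLAGS:
            rule[FLAGS[flag]] = value
    return rule

def audit_mysql_rules(lines, allowed_clients, allowed_protos=("tcp",)):
    """Return (rule, reason) for each ACCEPT on port 3306 wider than intended."""
    allowed = [ipaddress.ip_network(c) for c in allowed_clients]
    findings = []
    for line in lines:
        rule = parse_rule(line)
        if rule["target"] != "ACCEPT" or rule["dport"] != MYSQL_PORT:
            continue
        if rule["proto"] not in allowed_protos:
            findings.append((line, "unexpected protocol: %s" % rule["proto"]))
        if rule["source"] is None:
            findings.append((line, "no -s match: any source accepted"))
        else:
            src = ipaddress.ip_network(rule["source"], strict=False)
            if not any(src.subnet_of(net) for net in allowed):
                findings.append((line, "source wider than allowed: %s" % src))
    return findings

if __name__ == "__main__":
    for rule, reason in audit_mysql_rules(SAMPLE_RULES, ["192.168.1.100/32"]):
        print(reason, "<-", rule)
```

Negated matches (`!`) are not interpreted, so rules that use them need a manual look.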