#1
23rd August 2012, 16:01
xsas
Bastille - Open port to one IP (mysql)??

Hi,

I need to configure a mysql replication where ISPconfig will be the master. Until now the mysql port (3306) was closed.

I'm concerned about security and I don't want this port open to everyone, only to one IP (the mysql slave). How can I do this?

In the GUI interface we can only configure ports, not IPs.

Must we configure custom iptables rules?

I know that if I leave the mysql port open I can control access to mysql with mysql authentication (user/localhost), but it's more secure if the firewall blocks it, no??

;-)

thanks
__________________
---
Salvador Ausina

quadux.net
#2
25th August 2012, 10:29
falko

I'm not sure if Bastille can do this. Please check out the Bastille configuration file in /etc/Bastille.

If this isn't possible, you might have to use another firewall.
__________________
Falko
#3
30th August 2012, 23:31
erich_k4

I think this is what you are looking for:

http://www.howtoforge.com/forums/sho...25&postcount=4

http://www.howtoforge.com/forums/sho...06&postcount=4

Last edited by erich_k4; 31st August 2012 at 00:36.
#4
14th September 2012, 21:22
tuxfan

This is a basic step for a multiserver setup:
In /etc/Bastille/firewall.d/pre-chain-split.d
create a file, for example: mysql.sh
##################
${IPTABLES} -A PUB_IN -p tcp -s 1.2.3.4 --dport 3306 -j PAROLE
${IPTABLES} -A PUB_IN -p udp -s 1.2.3.4 --dport 3306 -j ACCEPT
##################
where 1.2.3.4 is the IP of your slave. Just add any more slaves.
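
A variant of the drop-in from post #4, as an added example that is not from the thread or from Bastille: it checks that each replica entry is a single IPv4 host address before adding a rule, and it emits only the TCP rule, since MySQL replication connects over TCP. REPLICA_IPS, MYSQL_PORT and the function names are hypothetical, the addresses are constructed, and it assumes Bastille sets IPTABLES before running the file, as the post's ${IPTABLES} implies.

```shell
#!/bin/sh
# Added example, not from the thread. Intended location (from the post above):
#   /etc/Bastille/firewall.d/pre-chain-split.d/mysql.sh
# REPLICA_IPS, MYSQL_PORT and both function names are hypothetical.
# PUB_IN, PAROLE and ${IPTABLES} are taken from the post above.

# Dry run when Bastille has not set IPTABLES: print the rules instead.
IPTABLES="${IPTABLES:-echo iptables}"
# Constructed sample addresses (TEST-NET-1); replace with the real replicas.
REPLICA_IPS="${REPLICA_IPS:-192.0.2.10 192.0.2.11}"
MYSQL_PORT=3306

# Succeed only for a dotted-quad IPv4 host address, each octet 0..255.
# Rejects CIDR ranges, hostnames and typos such as "1.2.3" or "300.1.1.1".
is_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots into $1..$n
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Append one TCP rule per valid replica. Invalid entries are skipped and
# reported on stderr, and the function returns 1 so the mistake is visible.
allow_mysql_replicas() {
    rc=0
    for ip in $REPLICA_IPS; do
        if is_ipv4 "$ip"; then
            ${IPTABLES} -A PUB_IN -p tcp -s "$ip" --dport "$MYSQL_PORT" -j PAROLE
        else
            echo "mysql.sh: skipping invalid replica address: $ip" >&2
            rc=1
        fi
    done
    return "$rc"
}

allow_mysql_replicas
```
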
#5
17th October 2012, 02:50
xsas

First, sorry for my delayed reply; other tasks put this configuration in a queue ;-)

Now we return to this configuration server and I test our recommendations.

Thanks for your help
__________________
---
Salvador Ausina

quadux.net
All times are GMT +2.