Firewall will not permit local machines to access SQL server in DMZ
Hi I have an Alcatel 'frog' USB ADSL modem running off a SuSE linux box configured as a firewall. This machine has 2 network cards. One card is connected directly to a second linux box using a crossover cable, this section being designated as the DMZ. The second linux box runs Apache and MySQL. The other card is connected to an 8 way hub permitting my household network to access the world via the firewall. The gateway (firewall) machine additionally runs Squid http proxy but all the internal user machines are in fact masqueraded onto the Internet. The web server is reverse masqueraded onto the internet, this permits the redirection of incoming http requests (since my ISP blocks port 80) from the port to which they are directed by my dynamic IP address service. Both the linux boxes run without monitors and I administer them remotely using Putty and ssh from one of my user machines. All the user machines run Win XP and communicate with each other using their native peer-to-peer facilities, there being no domain, although Bind is running on the gateway to provide local DNS resolution. When my current contract expires I will move to another provider and obtain a static IP address, at which point I will introduce a domain server. You may wonder why I need all this stuff in my home. So do I. All I can say is: insanity is hereditary, you get it from your kids. I need to access the SQL server from one of my user machines using Microsoft Access, but I cannot figure out how to persuade SuSEfirewall2 to permit this. I know I have a problem with MySQL as the connection still fails when the firewall is turned off, but I can tell from the error logging that communication is not passing the firewall when it is turned on. I can probably figure out the MySQL problem once I can communicate with the machine, but obviously I don't want to leave the firewall turned off. MySQL uses a port in the 3000 range, and I have turned on the 'allow high ports' option in the firewall, but this makes no difference. Can anybody help? Any other comments on the arrangement and security of my system would be appreciated. Fred
I need to access the SQL server from one of my user machines using Microsoft Access, but I cannot figure out how to persuade SuSEfirewall2 to permit this.
MySQL uses port 3306. Therefore you should add it to FW_SERVICES_INT_TCP. HTH Jörn -- ------------------------------------------------------------ Jörn Ott Telefon: (0 22 24) 94 08 - 73 EDV Service & Beratung Telefax: (0 22 24) 94 08 -74 Lohfelder Str. 33 E-Mail: mailto:white@ott-service.de 53604 Bad Honnef WWW: http://www.ott-service.de/
I need to access the SQL server from one of my user machines using Microsoft Access, but I cannot figure out how to persuade SuSEfirewall2 to permit this.
MySQL uses port 3306. Therefore you should add it to FW_SERVICES_INT_TCP.
I think mssql is meant (access&mysql???). /etc/services: Server: ms-sql-s 1433/tcp # Microsoft-SQL-Server ms-sql-s 1433/udp # Microsoft-SQL-Server Monitor: ms-sql-m 1434/tcp # Microsoft-SQL-Monitor ms-sql-m 1434/udp # Microsoft-SQL-Monitor Philippe
participants (3)
-
Fred Gemmell -
Jörn Ott -
Philippe Vogel