I've searched through the internet, specifically here, but can't find a solution to my problem.
The closest I've come to are the following, but checking my iptables, they don't seem to apply:
https://superuser.com/questions/1290353/iptables-blocking-remote-mysql-connection https://superuser.com/questions/791509/mysql-isnt-accepting-remote-connections
I have a virtual server by STRATO, the thing bombed out last week and after a lot of headaches and long nights I have it back online and rebuilt. Before it died I was able to connect to my MariaDb / MySQL server remotely using Navicat. Since the rebuild, it no longer works.
The firewall is set up correctly to accept connections from my IP, deny from all other externals
The database server is also set up to accept connections form my IP, deny all from other externals
The database user has full rights for the connection, and triple checked the credentials
A check of the iptables using # iptables -L -x -v -n gives the following:
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
947 225118 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 state NEW reject-with tcp-reset
156 6296 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
15 780 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8443
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8880
4 192 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
98 4096 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
1 40 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21
3 156 ACCEPT tcp -- * * x.x.x.x 0.0.0.0/0 tcp dpt:22
0 0 ACCEPT tcp -- * * x.x.x.x 0.0.0.0/0 tcp dpt:22
14 768 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
1 60 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:465
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:110
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:995
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:143
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:993
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:106
15 780 ACCEPT tcp -- * * x.x.x.x 0.0.0.0/0 tcp dpt:3306
0 0 ACCEPT tcp -- * * x.x.x.x 0.0.0.0/0 tcp dpt:3306
1 40 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306
1 40 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:5432
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:9008
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:9080
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:137
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:138
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:139
423 21880 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1194
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
4 202 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8 code 0
297 13450 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
(where x.x.x.x is the authorized IP addresses)
When I attempt the login using Navicat, I get the following error:
2003 - Can't connect to MySQL server on 'xxx.xxx.xxx.xxx' (10061 'Unknown error')
Which indicates the network connection was refused.
Question: Does the order of the rules in iptables matter? i.e., Is the DROP overriding the ACCEPT because it comes second?
Thanks for any info or advice in advance!
Edit: Running CENTOS 7 (64-bit) and using Plesk Obsidian (and connecting through SSH)
Thanks Cascader, the tip worked.
In the my.cnf file was:
bind-address = ::ffff:127.0.0.1
I changed it to 0.0.0.0 and then restarted the server and I have access.
Appreciate the comments, thanks!