View All Products
Compute
Storage
Networking
Databases
Services
Developer Tools
Industries
Pricing
Community
Engage With Us
Community Questions Having trouble adding localhost to iptables
Log in to Ask a Question

Having trouble adding localhost to iptables

networking

Here are my rules:

[root@blah ~]# iptables -L INPUT --line-numbers
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination         
1    ACCEPT     tcp  --  localhost            anywhere            tcp dpt:mysql 
2    ACCEPT     tcp  --  blah.members.linode.com  anywhere            tcp dpt:mysql 
3    ACCEPT     tcp  --  blah.net  anywhere            tcp dpt:mysql 
4    DROP       tcp  --  anywhere             anywhere            tcp dpt:mysql 
[root@blah ~]#

I can access mysql from home (blah.net) and from my other Linode (blah.members…) with "mysql -u username -ppassword -hx.x.x.x"

But localhost doesn't work…

[root@blah ~]# mysql -u username -ppassword
ERROR 1045 (28000): Access denied for user 'username'@'localhost' (using password: YES)
[root@blah ~]#

3 Replies

This is not a result of the connection being blocked by iptables, but rather an authentication failure from MySQL.

In order to log in as user@localhost, you need to add a row and the appropriate privileges to the mysql.user table as user@localhost, or modify your existing account to user@% (% meaning all hosts) instead of user@.

The MySQL manual has more information on how connections are verified: http://dev.mysql.com/doc/refman/5.7/en/ … ccess.html">http://dev.mysql.com/doc/refman/5.7/en/connection-access.html

@jcurry:

This is not a result of the connection being blocked by iptables, but rather an authentication failure from MySQL.

In order to log in as user@localhost, you need to add a row and the appropriate privileges to the mysql.user table as user@localhost, or modify your existing account to user@% (% meaning all hosts) instead of user@.

The MySQL manual has more information on how connections are verified: http://dev.mysql.com/doc/refman/5.7/en/ … ccess.html">http://dev.mysql.com/doc/refman/5.7/en/connection-access.html

Awesome @jcurry that's exactly what I wanted to "rule" out.

Just to add on to jcurry's post, with some builds of mysql, user@% will allow a connection from all external hosts, but will still refuse localhost. You need to explicitly add a row for localhost too.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct