1

不能让它工作。这是我到目前为止所做的:

mysql> CREATE USER 'admin'@'localhost' IDENTIFIED BY 'xxxxxx';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'admin'@'localhost' WITH GRANT OPTION;
mysql> CREATE USER 'admin'@'%' IDENTIFIED BY 'xxxxxx';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'admin'@'%' WITH GRANT OPTION;

在 AWS 控制台 -> EC2 -> 网络和安全 -> 安全组 -> quick-start-1 -> 入站选项卡 -> 从下拉列表中选择“MYSQL” -> 添加规则 -> 应用

编辑/etc/my.cnf并添加bind-address,然后

sudo /etc/init.d/mysqld restart

sudo /sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3306 -j ACCEPT
sudo service iptables save

最后从我的电脑:

[nir@dhcppc4 ~]$ mysql -h xxx.xxx.xxx.xxx -u admin -p 
Enter password: 
ERROR 2003 (HY000): Can't connect to MySQL server on 'xxx.xxx.xxx.xxx' (113)

编辑: 运行netstat -lp | grep mysql(我没有在输出中看到端口号):

tcp        0      0 *:mysql                     *:*                         LISTEN      -                

unix  2      [ ACC ]     STREAM     LISTENING     16003  -                   /var/lib/mysql/mysql.sock

添加在/etc/my.cnf

port=3306

现在netstat -lp | grep mysql

tcp        0      0 *:mysql                     *:*                         LISTEN      -                   
unix  2      [ ACC ]     STREAM     LISTENING     37757  -                   /var/lib/mysql/mysql.sock

/etc/my.cnf文件:

[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
port=3306
bind-address = 0.0.0.0
#skip-networking
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0

[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid

另外我尝试通过其他计算机连接,但我无法连接,所以我想这不是连接计算机的问题

我的 telnet 被拒绝访问:

[nir@dhcppc4 ~]$ telnet xxx.xxx.xxx.xxx 3306
Trying xxx.xxx.xxx.xxx...
telnet: connect to address xxx.xxx.xxx.xxx: No route to host

** 我也在尝试在亚马逊 ec2 论坛中解决它

4

1 回答 1

3

解决了

问题:

我在 iptables 中有这一行

REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited

并且此行仅将规则附加到列表的末尾,因此拒绝首先捕获它

sudo iptables -A INPUT -i eth0 -p tcp -m tcp --dport 3306 -j ACCEPT

为了解决它,我需要将规则放在链中更高的位置,即使用 -I 开关,如下所示:

sudo iptables -I INPUT -i eth0 -p tcp -m tcp --dport 3306 -j ACCEPT
于 2013-07-25T09:09:49.527 回答