防火牆設定

1. mysql 啟動後會監聽在 3306 port。

   [root@kvm3 ~]# ss -ltpn | grep 3306
   LISTEN   0     80   *:3306        *:*      users:(("mysqld",pid=17698,fd=22))
   

2. 允許遠端存取，防火牆必須開啟 3306 port，查看目前的防火牆，3306 port 沒開啟。

   [root@kvm3 ~]# firewall-cmd --list-all
   public (active)
     target: default
     icmp-block-inversion: no
     interfaces: ens3
     sources: 
     services: cockpit dhcpv6-client ssh
     ports: 
     protocols: 
     masquerade: no
     forward-ports: 
     source-ports: 
     icmp-blocks: 
     rich rules:
   

3. 加入開機設定開啟 3306/tcp 埠號。

   [root@kvm3 ~]# firewall-cmd --permanent --add-port=3306/tcp
   success
   

4. 重新載入防火牆設定。

   [root@kvm3 ~]# firewall-cmd --reload 
   success
   

5. 再查詢防火牆設定，已開啟 3306/tcp 埠號。

   [root@kvm3 ~]# firewall-cmd --list-all
   public (active)
     target: default
     icmp-block-inversion: no
     interfaces: ens3
     sources: 
     services: cockpit dhcpv6-client ssh
     ports: 3306/tcp
     protocols: 
     masquerade: no
     forward-ports: 
     source-ports: 
     icmp-blocks: 
     rich rules: