在debian中的iptables中添加一个规则来打开一个新的端口 [英] Adding a rule in iptables in debian to open a new port

问题描述

我正在尝试在Debian系统中的iptables中打开3306端口，以允许访问MySQL服务器。我输入了这个命令：

I am trying to open port 3306 in iptables in my Debian System to allow access to MySQL server. For which I entered this command:

root@debian:/# sudo iptables -A INPUT -p tcp --dport 3306 ACCEPT
root@debian:/# iptables-save

我进入了新的连接，被保存在iptables中，因为我可以看到iptables列表中的新规则由iptables-save命令创建。

I entered the new connection and it has been saved in iptables as I can see the new rule in iptables list genereted by iptables-save command.

然而，这个debian系统是通过Windows7和I '无法从Windows远程登录到这个端口。不确定我应该检查解决这个问题的方法。

However, this debian system is running on a VM over Windows7 and I'm not able to telnet from Windows to this port. Not sure where I am supposed to check for the solution to this problem.

推荐答案

关于你的命令行： strong>

About your command line:

root@debian:/# sudo iptables -A INPUT -p tcp --dport 3306 --jump ACCEPT
root@debian:/# iptables-save

• 您已经被认证为 root ，所以 sudo 在那里是冗余的。

  • You are already authenticated as root so sudo is redundant there.

    您在$ code之前缺少 -j 或 - 跳转 > ACCEPT 参数（只是这是一个打字错误，正确插入）。

    You are missing the -j or --jump just before the ACCEPT parameter (just tought that was a typo and you are inserting it correctly).

    关于yout问题：

    如果要将 iptables 规则正确插入你指出了这个问题，也许这个问题与您正在使用的虚拟机管理程序（虚拟机提供商）有关。

    If you are inserting the iptables rule correctly as you pointed it in the question, maybe the issue is related to the hypervisor (virtual machine provider) you are using.

    如果您提供虚拟机管理程序名称（VirtualBox，VMWare？ ）我可以进一步指导你在这个，但这里有一些建议，你可以尝试第一：

    If you provide the hypervisor name (VirtualBox, VMWare?) I can further guide you on this but here are some suggestions you can try first:

    检查您的vmachine网络设置和：

    check your vmachine network settings and:

    
    

    • 如果设置为NAT，那么您将无法从基本机器连接到vmachine。

    • if it is set to NAT, then you won't be able to connect from your base machine to the vmachine.

    如果设置为Hosted，则必须首先配置其网络设置，通常为其提供192.168.56.0/24范围内的IP，因为这是使用虚拟机管理程序的默认值。

    if it is set to Hosted, you have to configure first its network settings, it is usually to provide them an IP in the range 192.168.56.0/24, since is the default the hypervisors use for this.

    如果它设置为Bridge，与Hosted相同，但是当IP范围对您的配置有意义时，您可以进行配置。

    if it is set to Bridge, same as Hosted but you can configure it whenever IP range makes sense for you configuration.

    希望这有帮助。

    这篇关于在debian中的iptables中添加一个规则来打开一个新的端口的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！