CSF not allowing "Remote MySQL" IP's through anymore.
Posted: 30 Sep 2016, 09:16
Some time back, someone shared a script which could allow "Remote MySQL" IP's through.
Here's the script:
Running the script in SSH gets a list of IP's, and if I allow an IP manually through it works fine.
i.e. here's the list of IP's which the code above generated:
These IP's have been added by various users in their cPanel. But the IP's don't get added to the firewall allow list:
Adding the IP manually through SSH works fine though:
As soon as I did that I could connect to the MySQL server from a remote location.
This used to work some time ago, though not anymore.
Here's the script:
Code: Select all
mysql mysql -e "select Host,User from user where Host!='localhost' group by Host;" | awk {'print "tcp:in:d=3306:s=" $1 "\t# " $2'} | sed "s/\%//g" | egrep "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}" | grep -v "127.0.0.1" | sort | uniq
i.e. here's the list of IP's which the code above generated:
Code: Select all
tcp:in:d=3306:s=154.66.196.44 # aaamaree
tcp:in:d=3306:s=154.66.196.69 # aaamaree
tcp:in:d=3306:s=155.254.31.50 # bonzai
tcp:in:d=3306:s=165.144.190.249 # cwayyorg
tcp:in:d=3306:s=192.168.128.219 # aaamotor
tcp:in:d=3306:s=196.34.136.111 # aaamotor
tcp:in:d=3306:s=196.34.19.36 # cmggssof
tcp:in:d=3306:s=197.96.136.124 # cpses_zanCCjCP32
tcp:in:d=3306:s=199.83.209.221 # aaamotor
Code: Select all
csf -L | grep 165.144.190.249
Code: Select all
csf -a tcp:in:d=3306:s=165.144.190.249 # aaamaree
Adding tcp:in:d=3306:s=165.144.190.249 to csf.allow and iptables ACCEPT...
ACCEPT tcp opt -- in !lo out * 165.144.190.249 -> 0.0.0.0/0 tcp dpt:3306
root@mercury:[~]$ csf -L | grep 165.144.190.249
1 0 0 ACCEPT tcp -- !lo * 165.144.190.249 0.0.0.0/0 tcp dpt:3306
This used to work some time ago, though not anymore.
Code: Select all
root@mercury:[~]$ csf -v
csf: v9.24 (cPanel)
root@mercury:[~]$ uname -a
Linux mercury.x.x 2.6.32-673.8.1.lve1.4.3.el6.x86_64 #1 SMP Wed Feb 10 08:57:30 EST 2016 x86_64 x86_64 x86_64 GNU/Linux
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1736
Server version: 5.5.52-cll MySQL Community Server (GPL)