Iptables Allow MYSQL server incoming requests

thompatry asked:

I am trying to get my new MediaWiki server to allow connections to our MySQL server and right now I cannot get my iptables firewall set up right for this.

The rule I am applying is the following:

    iptables -A INPUT -p tcp -d --dport 3306 -j ACCEPT           # MySQL

But my iptables log is still showing that the connections cannot be established and are being blocked/denied.

    Nov 21 09:48:39 hds-it kernel: Firewall Deny: [OUTPUT] IN= OUT=eth1 SRC= DST= LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=29232 DF PROTO=TCP SPT=58862 DPT=3306 SEQ=914529531 ACK=0 WINDOW=14600 RES=0x00 SYN URGP=0 OPT (020405B40402080A03BCF2BC0000000001030307)

When I turn off iptables, everything works as it should including editing the wiki database.
What am I doing wrong with my rule?

Edit: here is my output from iptables -L -n -v => http://pastie.org/5413124
I could not get it to format right here.

My answer:

From your log entry, this appears to be outgoing traffic, not incoming. You need to place the rule in the OUTPUT chain, not the INPUT chain.

View the full question and any other answers on Server Fault.
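The check the answer applies to the log entry, written out as an added example (not part of the original question or answer): a netfilter LOG line with an empty `IN=` and a set `OUT=` was generated locally and traversed the OUTPUT chain. The function names are hypothetical, the sample line is constructed from the entry in the question, `<DEST_IP>` is a placeholder for the redacted address, and the mapping assumes the log rule sits in the filter table.

```shell
#!/bin/sh
# Constructed sample, shortened from the log entry in the question.
# SRC= and DST= are empty there because the addresses were redacted.
SAMPLE='Nov 21 09:48:39 hds-it kernel: Firewall Deny: [OUTPUT] IN= OUT=eth1 SRC= DST= LEN=60 TTL=64 PROTO=TCP SPT=58862 DPT=3306 SYN URGP=0'

# field LINE KEY -> value of the KEY= token in a LOG line (empty if unset)
field() {
    printf '%s\n' "$1" | tr ' ' '\n' | sed -n "s/^$2=//p" | head -n 1
}

# chain_for LINE -> filter-table chain implied by the interface fields:
#   IN set,  OUT empty -> INPUT   (packet addressed to this host)
#   IN empty, OUT set  -> OUTPUT  (packet generated by this host)
#   both set           -> FORWARD (packet routed through this host)
chain_for() {
    in_if=$(field "$1" IN)
    out_if=$(field "$1" OUT)
    if [ -n "$in_if" ] && [ -n "$out_if" ]; then echo FORWARD
    elif [ -n "$out_if" ]; then echo OUTPUT
    elif [ -n "$in_if" ]; then echo INPUT
    else echo UNKNOWN
    fi
}

# suggest_rule LINE -> ACCEPT rule for the chain that actually saw the packet.
# <DEST_IP> is printed where the log line carries no destination address.
suggest_rule() {
    chain=$(chain_for "$1")
    [ "$chain" = UNKNOWN ] && return 1
    proto=$(field "$1" PROTO | tr 'A-Z' 'a-z')
    dport=$(field "$1" DPT)
    dst=$(field "$1" DST)
    echo "iptables -A $chain -p $proto -d ${dst:-<DEST_IP>} --dport $dport -j ACCEPT"
}

# Prints: iptables -A OUTPUT -p tcp -d <DEST_IP> --dport 3306 -j ACCEPT
suggest_rule "$SAMPLE"
```

The printed rule only takes effect if it is evaluated before the rule in the same chain that logs and denies the packet.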

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.