我在 CentOS 7 上运行 MySQL,似乎无法远程连接 MySQL。我有:
bind-address=0.0.0.0
当然不是#skip-networking,但如果我绑定到实际的公共/本地 IP 地址就没关系了。
我已禁用 SELinux:
[root@hostname ~]# sestatus
SELinux status: disabled
输出为iptables -L -v:
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
103K 21M ACCEPT all -- any any anywhere anywhere ctstate RELATED,ESTABLISHED
13 880 ACCEPT all -- lo any anywhere anywhere
21423 3952K INPUT_direct all -- any any anywhere anywhere
21423 3952K INPUT_ZONES_SOURCE all -- any any anywhere anywhere
21423 3952K INPUT_ZONES all -- any any anywhere anywhere
166 7863 DROP all -- any any anywhere anywhere ctstate INVALID
12168 3403K REJECT all -- any any anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- any any anywhere anywhere ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- lo any anywhere anywhere
0 0 FORWARD_direct all -- any any anywhere anywhere
0 0 FORWARD_IN_ZONES_SOURCE all -- any any anywhere anywhere
0 0 FORWARD_IN_ZONES all -- any any anywhere anywhere
0 0 FORWARD_OUT_ZONES_SOURCE all -- any any anywhere anywhere
0 0 FORWARD_OUT_ZONES all -- any any anywhere anywhere
0 0 DROP all -- any any anywhere anywhere ctstate INVALID
0 0 REJECT all -- any any anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT 43729 packets, 8473K bytes)
pkts bytes target prot opt in out source destination
152K 30M OUTPUT_direct all -- any any anywhere anywhere
Chain FORWARD_IN_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_public all -- ens160 any anywhere anywhere [goto]
0 0 FWDI_public all -- + any anywhere anywhere [goto]
Chain FORWARD_IN_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain FORWARD_OUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_public all -- any ens160 anywhere anywhere [goto]
0 0 FWDO_public all -- any + anywhere anywhere [goto]
Chain FORWARD_OUT_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain FORWARD_direct (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_public (2 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_public_log all -- any any anywhere anywhere
0 0 FWDI_public_deny all -- any any anywhere anywhere
0 0 FWDI_public_allow all -- any any anywhere anywhere
0 0 ACCEPT icmp -- any any anywhere anywhere
Chain FWDI_public_allow (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_public_log (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_public (2 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_public_log all -- any any anywhere anywhere
0 0 FWDO_public_deny all -- any any anywhere anywhere
0 0 FWDO_public_allow all -- any any anywhere anywhere
Chain FWDO_public_allow (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_public_log (1 references)
pkts bytes target prot opt in out source destination
Chain INPUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
7423 1336K IN_public all -- ens160 any anywhere anywhere [goto]
0 0 IN_public all -- + any anywhere anywhere [goto]
Chain INPUT_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain INPUT_direct (1 references)
pkts bytes target prot opt in out source destination
Chain IN_public (2 references)
pkts bytes target prot opt in out source destination
21423 3952K IN_public_log all -- any any anywhere anywhere
21423 3952K IN_public_deny all -- any any anywhere anywhere
21423 3952K IN_public_allow all -- any any anywhere anywhere
8 324 ACCEPT icmp -- any any anywhere anywhere
Chain IN_public_allow (1 references)
pkts bytes target prot opt in out source destination
9081 540K ACCEPT tcp -- any any anywhere anywhere tcp dpt:ssh ctstate NEW
Chain IN_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain IN_public_log (1 references)
pkts bytes target prot opt in out source destination
Chain OUTPUT_direct (1 references)
pkts bytes target prot opt in out source destination
我当然这么做了:
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '********' WITH GRANT OPTION;
FLUSH PRIVILEGES;
但我认为这是一个相当重要的连接问题,因为:
telnet XXX.XXX.XXX.XXX 3306
Trying XXX.XXX.XXX.XXX...
telnet: connect to address XXX.XXX.XXX.XXX: Connection refused
telnet: Unable to connect to remote host
但:
mysql -u root -p
mysql -h localhost -u root -p
mysql -h XXX.XXX.XXX.XXX -u root -p (public IP)
mysql -h XXX.XXX.XXX.XXX -u root -p (local network IP)
一切似乎都可以从服务器本身的控制台运行。有什么想法吗?