LINUX.ORG.RU

Mysql ошибка 113 при удаленном подключении


0

1

Mysql и простой php скрипта с сайта одной машины не подключается к другой машине, то есть удаленно при:

mysql -h IP_2 -P 3306 -uroot -p

Выдает следующие:

ERROR 2003 (HY000): Can't connect to MySQL server on 'IP_2' (113)

Прошу помощи в решение данной проблемы! Конфиг MySQL машины исходящего подключения(IP_1)

[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock

# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0

# Settings user and group are ignored when systemd is used (fedora >= 15).
# If you need to run mysqld under a different user or group,
# customize your systemd unit file for mysqld according to the
# instructions in http://fedoraproject.org/wiki/Systemd
user=mysql
bind-address=0.0.0.0

# Semisynchronous Replication
# http://dev.mysql.com/doc/refman/5.5/en/replication-semisync.html
# uncomment next line on MASTER
;plugin-load=rpl_semi_sync_master=semisync_master.so
# uncomment next line on SLAVE
;plugin-load=rpl_semi_sync_slave=semisync_slave.so

# Others options for Semisynchronous Replication
;rpl_semi_sync_master_enabled=1
;rpl_semi_sync_master_timeout=10
;rpl_semi_sync_slave_enabled=1

# http://dev.mysql.com/doc/refman/5.5/en/performance-schema.html
;performance_schema


[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid

Конфиг MySQL машины входящего подключения(IP_2)

#
# The MySQL database server configuration file.
#
# You can copy this to one of:
# - "/etc/mysql/my.cnf" to set global options,
# - "~/.my.cnf" to set user-specific options.
# 
# One can use all long options that the program supports.
# Run program with --help to get a list of available options and with
# --print-defaults to see which it would actually understand and use.
#
# For explanations see
# http://dev.mysql.com/doc/mysql/en/server-system-variables.html

# This will be passed to all mysql clients
# It has been reported that passwords should be enclosed with ticks/quotes
# escpecially if they contain "#" chars...
# Remember to edit /etc/mysql/debian.cnf when changing the socket location.
[client]
port		= 3306
socket		= /var/run/mysqld/mysqld.sock

# Here is entries for some specific programs
# The following values assume you have at least 32M ram

# This was formally known as [safe_mysqld]. Both versions are currently parsed.
[mysqld_safe]
socket		= /var/run/mysqld/mysqld.sock
nice		= 0

[mysqld]
#
# * Basic Settings
#
user		= mysql
pid-file	= /var/run/mysqld/mysqld.pid
socket		= /var/run/mysqld/mysqld.sock
port		= 3306
basedir		= /usr
datadir		= /var/lib/mysql
tmpdir		= /tmp
lc-messages-dir	= /usr/share/mysql
skip-external-locking
#
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
bind-address		= 0.0.0.0
#
# * Fine Tuning
#
key_buffer		= 16M
max_allowed_packet	= 16M
thread_stack		= 192K
thread_cache_size       = 8
# This replaces the startup script and checks MyISAM tables if needed
# the first time they are touched
myisam-recover         = BACKUP
#max_connections        = 100
#table_cache            = 64
#thread_concurrency     = 10
#
# * Query Cache Configuration
#
query_cache_limit	= 1M
query_cache_size        = 16M
#
# * Logging and Replication
#
# Both location gets rotated by the cronjob.
# Be aware that this log type is a performance killer.
# As of 5.1 you can enable the log at runtime!
general_log_file        = /var/log/mysql/mysql.log
general_log             = 1
#
# Error logging goes to syslog due to /etc/mysql/conf.d/mysqld_safe_syslog.cnf.
#
# Here you can see queries with especially long duration
#log_slow_queries	= /var/log/mysql/mysql-slow.log
#long_query_time = 2
#log-queries-not-using-indexes
#
# The following can be used as easy to replay backup logs or for replication.
# note: if you are setting up a replication slave, see README.Debian about
#       other settings you may need to change.
#server-id		= 1
#log_bin			= /var/log/mysql/mysql-bin.log
#log = /var/log/mysql/mysql.log
expire_logs_days	= 10
max_binlog_size         = 100M
#binlog_do_db		= include_database_name
#binlog_ignore_db	= include_database_name
#
# * InnoDB
#
# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
# Read the manual for more InnoDB related options. There are many!
#
# * Security Features
#
# Read the manual, too, if you want chroot!
# chroot = /var/lib/mysql/
#
# For generating SSL certificates I recommend the OpenSSL GUI "tinyca".
#
# ssl-ca=/etc/mysql/cacert.pem
# ssl-cert=/etc/mysql/server-cert.pem
# ssl-key=/etc/mysql/server-key.pem



[mysqldump]
quick
quote-names
max_allowed_packet	= 16M

[mysql]
#no-auto-rehash	# faster start of mysql but no tab completition

[isamchk]
key_buffer		= 16M

#
# * IMPORTANT: Additional settings that can override those from this file!
#   The files must end with '.cnf', otherwise they'll be ignored.
#
!includedir /etc/mysql/conf.d/

IPTABLES машины исходящего подключения(IP_1)
# iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A OUTPUT -p tcp -m tcp --sport 3306 -m state --state ESTABLISHED -j ACCEPT

IPTABLES машины входящего подключения(IP_2)
# iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp -m tcp --sport 3306 -m state --state ESTABLISHED -j ACCEPT

Ну начинайте по порядку, сначала посмотрите по выводу ″netstat -l -n″ слушается ли порт на IP_2. Потом проверьте telnet'ом, можно ли подключится с IP_1 на IP_2 на порт mysql. Потом, mysqld может ещё смотреть /etc/hosts.allow и, может, нужно ещё выдать GRANT (команда базы данных).

mky ★★★★★ ()
Ответ на: комментарий от mky

telnet:

# telnet IP_2
Trying IP_2...
telnet: connect to address IP_2: No route to host

netstat -l -n(выполняется на IP_1):

# netstat -l -n
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN
tcp        0      0 :::8080                     :::*                        LISTEN
tcp        0      0 :::22                       :::*                        LISTEN
tcp        0      0 ::1:25                      :::*                        LISTEN
udp        0      0 0.0.0.0:56202               0.0.0.0:*
udp        0      0 0.0.0.0:40588               0.0.0.0:*
udp        0      0 0.0.0.0:68                  0.0.0.0:*
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node Path
unix  2      [ ACC ]     STREAM     LISTENING     9071   @/com/ubuntu/upstart
unix  2      [ ACC ]     STREAM     LISTENING     12076  public/cleanup
unix  2      [ ACC ]     STREAM     LISTENING     12083  private/tlsmgr
unix  2      [ ACC ]     STREAM     LISTENING     12087  private/rewrite
unix  2      [ ACC ]     STREAM     LISTENING     12091  private/bounce
unix  2      [ ACC ]     STREAM     LISTENING     12095  private/defer
unix  2      [ ACC ]     STREAM     LISTENING     12099  private/trace
unix  2      [ ACC ]     STREAM     LISTENING     12103  private/verify
unix  2      [ ACC ]     STREAM     LISTENING     3029903 /var/lib/mysql/mysql.sock
unix  2      [ ACC ]     STREAM     LISTENING     12107  public/flush
unix  2      [ ACC ]     STREAM     LISTENING     12111  private/proxymap
unix  2      [ ACC ]     STREAM     LISTENING     12115  private/proxywrite
unix  2      [ ACC ]     STREAM     LISTENING     12119  private/smtp
unix  2      [ ACC ]     STREAM     LISTENING     12123  private/relay
unix  2      [ ACC ]     STREAM     LISTENING     12127  public/showq
unix  2      [ ACC ]     STREAM     LISTENING     12131  private/error
unix  2      [ ACC ]     STREAM     LISTENING     12135  private/retry
unix  2      [ ACC ]     STREAM     LISTENING     12139  private/discard
unix  2      [ ACC ]     STREAM     LISTENING     12143  private/local
unix  2      [ ACC ]     STREAM     LISTENING     12147  private/virtual
unix  2      [ ACC ]     STREAM     LISTENING     12151  private/lmtp
unix  2      [ ACC ]     STREAM     LISTENING     12155  private/anvil
unix  2      [ ACC ]     STREAM     LISTENING     12159  private/scache

netstat -l -n(выполняется на IP_2):

# netstat -l -n
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
tcp6       0      0 :::1438                 :::*                    LISTEN
udp        0      0 88.198.63.36:123        0.0.0.0:*
udp        0      0 127.0.0.1:123           0.0.0.0:*
udp        0      0 0.0.0.0:123             0.0.0.0:*
udp6       0      0 2a01:4f8:131:4a::2:123  :::*
udp6       0      0 fe80::224:21ff:feef:123 :::*
udp6       0      0 ::1:123                 :::*
udp6       0      0 :::123                  :::*
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ACC ]     SEQPACKET  LISTENING     3588     /run/udev/control
unix  2      [ ACC ]     STREAM     LISTENING     10560    /var/run/mysqld/mysqld.sock
unix  2      [ ACC ]     STREAM     LISTENING     10421    /var/run/acpid.socket

/etc/hosts.allow пустой на IP_1 и на IP_2

GRANT MySQL IP_1

mysql> select host, user from user;
+--------------------------------------------+-----------+
| host                                       | user      |
+--------------------------------------------+-----------+
| 127.0.0.1                                  | root      |
| ::1                                        | root      |
| localhost                                  |           |
| localhost                                  | root      |
| localhost                                  | samp_site |
| IP                                         |           |
| IP                                         | root      |
+--------------------------------------------+-----------+

GRANT MySQL IP_2

mysql> select host,user from user;
+-----------------------------+------------------+
| host                        | user             |
+-----------------------------+------------------+
| %                           | samp_game        |
| 127.0.0.1                   | root             |
| IP_1                        | root             |
| IP_1                        | samp_game        |
| ::1                         | root             |
| Debian-70-wheezy-64-minimal |                  |
| Debian-70-wheezy-64-minimal | root             |
| localhost                   |                  |
| localhost                   | debian-sys-maint |
| localhost                   | root             |
| localhost                   | samp_game        |
+-----------------------------+------------------+

fuckinet ()

машины пингуют друг друга?

nerve ★★ ()
Вы не можете добавлять комментарии в эту тему. Тема перемещена в архив.