http:\/\/dev.mysql.com\/doc\/refman\/5.1\/en\/server-options.html#option_mysqld_bind-address<\/a><\/p>\nThe MySQL server listens on a single network socket for TCP\/IP connections. This socket is bound to a single address, but it is possible for an address to map onto multiple network interfaces. The default address is 0.0.0.0. To specify an address explicitly, use the –bind-address=addr option at server startup, where addr is an IPv4 address or a host name. If addr is a host name, the server resolves the name to an IPv4 address and binds to that address. The server treats different types of addresses as follows:<\/p>\n
If the address is 0.0.0.0, the server accepts TCP\/IP connections on all server host IPv4 interfaces.
\nIf the address is a “regular” IPv4 address (such as 127.0.0.1), the server accepts TCP\/IP connections only for that particular IPv4 address.<\/p>\n
\u4f46\u662f\u6709\u6b64\u9700\u6c42\uff0c\u5c31\u4f1a\u5230\u8bbf\u95ee\u63a7\u5236\uff0c\u90a3\u4e48\u4f7f\u7528\u9632\u706b\u5899iptables\u53ef\u5b9e\u73b0\u6b64\u6548\u679c<\/p>\n
mysql-server\u4e3a192.168.1.3\uff0c\u53ea\u5141\u8bb8192.168.1.4, \u00a0192.168.1.5, \u00a0192.168.1.6\u6765\u8bbf\u95ee3306\u7aef\u53e3<\/p>\n
\u5728my.cnf\u4e2d<\/p>\n
bind-address = 0.0.0.0<\/pre>\n\u5728\u8bbf\u95ee3306\u7aef\u53e3\u7684\u4e3b\u673a\u4e2d\uff0c\u53ea\u5141\u8bb8192.168.1.4-6\uff0c\u5176\u4ed6ip\u4e00\u5f8bDROP\u6389<\/p>\n
\/sbin\/iptables -A INPUT -p tcp -s 192.168.1.4 --dport 3306 -j ACCEPT\r\n\/sbin\/iptables -A INPUT -p tcp -s 192.168.1.5 --dport 3306 -j ACCEPT\r\n\/sbin\/iptables -A INPUT -p tcp -s 192.168.1.6 --dport 3306 -j ACCEPT\r\n\/sbin\/iptables -A INPUT -p tcp --dport 3306 -j DROP<\/pre>\n\u6216<\/p>\n
\/sbin\/iptables -A INPUT -p tcp --dport 3306 ! -s 192.168.1.4 -j DROP\r\n\/sbin\/iptables -A INPUT -p tcp --dport 3306 ! -s 192.168.1.5 -j DROP\r\n\/sbin\/iptables -A INPUT -p tcp --dport 3306 ! -s 192.168.1.6 -j DROP<\/pre>\n\u4fdd\u5b58\u9632\u706b\u5899\u89c4\u5219<\/p>\n
service iptables save<\/pre>\n\u67e5\u770bINPUT\u94fe\u5305\u542b3306\u7684\u89c4\u5219<\/p>\n
echo -e \"target prot opt source destination\\n$(iptables -L INPUT -n | grep 3306)\"<\/pre>\n\u8fd9\u6837\u5c31\u5b9e\u73b0\u4e86mysql\u53ea\u5141\u8bb8\u6307\u5b9aip\u8bbf\u95ee\u3002<\/p>\n
\u53c2\u8003\uff1a<\/p>\n
http:\/\/www.cyberciti.biz\/faq\/unix-linux-mysqld-server-bind-to-more-than-one-ip-address\/<\/p>\n","protected":false},"excerpt":{"rendered":"
my.cnf\u4e2d\u6709\u9009\u9879bind-address=127.0.0.1\uff0c\u662f\u8bf4mysql server\u76d1\u542c\u7684\u662f\u672c\u5730\u53d1\u6765\u7684\u8bf7\u6c42\uff0c\u5982\u679c\u662f\u4efb\u610f\u4e3b\u673a\u90fd\u53ef\u4ee5\u8bf7\u6c42\uff0c\u5219\u5199\u4e3a0.0.0.0\uff0c\u4f46\u662f\u8fd9\u6837\u53c8\u4e0d\u592a\u5b89\u5168\u3002\u76d1\u542c\u67d0ip\uff0c\u6307\u5b9a\u6b64ip\u5730\u5740\u5373\u53ef\uff0c\u4f46\u662f\u8981\u4fdd\u8bc1mysql\u7684user\u4e2d\u6709\u5141\u8bb8\u6b64ip\u8bbf\u95ee\uff0c\u5426\u5219\u4e0d\u80fd\u5bf9\u6570\u636e\u5e93\u64cd\u4f5c\u3002\u90a3\u4e48\u662f\u5426\u53ef\u4ee5\u5728\u914d\u7f6e\u91cc\u53ea\u89c4\u5b9a\u51e0\u4e2aip\u5462\uff1f \u7b80\u5355\u76f4\u63a5\u56de\u7b54\uff1a\u4e0d\u53ef\u80fd \u8bf7\u53c2\u8003\uff1ahttp:\/\/dev.mysql.com\/doc\/refman\/5.1\/en\/server-options.html#option_mysqld_bind-address The MySQL server listens on a single network socket for TCP\/IP connections. This socket is bound to a single address, but it is possible for an address to map onto multiple network interfaces. The default address is 0.0.0.0. To specify an address explicitly, use the –bind-address=addr option at server startup, where […]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[92,65],"tags":[23],"class_list":["post-5264","post","type-post","status-publish","format-standard","hentry","category-iptables","category-mysql","tag-summary"],"_links":{"self":[{"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/posts\/5264","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/jpuyy.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5264"}],"version-history":[{"count":8,"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/posts\/5264\/revisions"}],"predecessor-version":[{"id":6339,"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/posts\/5264\/revisions\/6339"}],"wp:attachment":[{"href":"https:\/\/jpuyy.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5264"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jpuyy.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5264"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jpuyy.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5264"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}