尝试连接到远程MySQL主机(错误2003)

hel*_*ate 26 mysql debian iptables mysql-error-2003

我有一个在Debian服务器上运行的MySQL实例,我可以在本地连接到它,没有任何问题.但是,我无法远程连接到它.当我从命令行尝试这个时,我收到以下错误:

ERROR 2003 (HY000): Can't connect to MySQL server on '<server-ip>' (110)
Run Code Online (Sandbox Code Playgroud)

我已将用户添加到mysql为'user'@'*'和'user'@'localhost'.此服务器中的skip-networking设置为false,并在my.cnf中注释掉绑定地址.我还尝试使用以下命令在iptables中打开端口3306:

/sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3306 -j ACCEPT
Run Code Online (Sandbox Code Playgroud)

这是我所有iptable防火墙规则的列表,我使用iptables -L进行了检索:

Chain INPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            
REJECT     tcp  --  anywhere             anywhere            tcp dpt:auth reject-with icmp-port-unreachable 
ACCEPT     icmp --  anywhere             anywhere            icmp type 8 code 0 state NEW,RELATED,ESTABLISHED,UNTRACKED 
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:65535 dpt:ftp state NEW 
ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:65535 dpt:ssh state NEW 
ACCEPT     tcp  --  anywhere             anywhere            tcp spts:1024:65535 dpt:www state NEW 
ACCEPT     tcp  --  <my-server>          anywhere            tcp spts:1024:65535 dpt:mysql state NEW 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpts:49152:65534 state NEW 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:mysql 
LOG        all  --  anywhere             anywhere            limit: avg 5/min burst 5 LOG level debug prefix `iptables denied: ' 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:mysql 
LOG        tcp  --  anywhere             anywhere            tcp dpt:mysql LOG level debug 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
Run Code Online (Sandbox Code Playgroud)

有谁知道我应该从哪里开始?

Mik*_*ton 12

根据您的响应,您需要查找您和服务器之间是否存在阻止连接的设备.你也应该保证你可以telnet到3306上该服务器的以太网地址时,登录到服务器 ...如果不是,你可能还没有得到在绑定以太网服务my.cnf...看bind-address参数.