When I go to a message board and ask something like, “how do I limit port 3306 to one computer using iptables?” and you know the answer, please just answer the damned question. I know you have it in your iptables config file. It is probably simple. Don’t point us to a website on iptables (we already found that and said, “WTF?”. Copy the lines in question and post them.
Some of us like to go outside. We want to get the answer and use it. We do not want to understand every technology like you do. The ones we use all the time we’ll master. These other things – no chance.
Then there are the, “oh – a newbie question – what goes in the newbie section” responses. You know what? Bite me. Once again we are trying to solve a problem. Answers like that do not help. They piss us off.
There. I said it. I will probably loose my geek membership card but that’s okay with me.
by the way – here is the answer that worked for me:
/sbin/iptables -A INPUT -i eth0 -p tcp --dport mysql -j DROP
/sbin/iptables -A INPUT -i eth0 -p udp --dport mysql -j DROP
/sbin/iptables -I INPUT -i eth0 -p tcp -s 188.8.131.52 --dport mysql -j ACCEPT
/sbin/iptables -I INPUT -i eth0 -p udp -s 184.108.40.206 --dport mysql -j ACCEPT
just replace 220.127.116.11 with the ip you need to allow