To avoid the "too many connections" problem I set the MySQL variable wait_timeout to 60 seconds. This worked on my development system but failed on my production system. The production system has sshd_config with 'Port 5897' and iptables set accordingly whereas the development system has both 'Port 5897' and 'Port 22' in sshd_config and iptables allowing both ports through. The production system (the one with ssh only listening to port 22) does not time out ever whereas the development system which also listens to port 22 does time out the connections after 60 seconds.
Is there a way to have the firewall block port 22 and still have wait_timeout working?
Doug Laing
Oops sorry a typo.
'The production system (the one with ssh only listening to port 22)... '
should read:
'The production system (the one with ssh only listening to port 5897)... '
Corrected version:
To avoid the "too many connections" problem I set the MySQL variable wait_timeout to 60 seconds. This worked on my development system but failed on my production system. The production system has sshd_config with 'Port 5897' and iptables set accordingly whereas the development system has both 'Port 5897' and 'Port 22' in sshd_config and iptables allowing both ports through. The production system (the one with ssh only listening to port 5897) does not time out ever whereas the development system which also listens to port 22 does time out the connections after 60 seconds.
Is there a way to have the firewall block port 22 and still have wait_timeout working?
Doug Laing
I don't think you've identified the problem correctly. Blocking port 22 will have no effect on MySQL's connection timeout. Are you sure MySQL is reading the configuration file you think it's reading and that the configuration file is correct (e.g. the setting is in the right section of the file)?
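One way to run the check the last reply asks for, as an added example that is not part of the thread: it reports which option-file group sets wait_timeout and whether the server would pick it up. The function names and the two sample files are hypothetical and constructed here; it assumes the server reads the [mysqld] and [server] groups.

```shell
#!/bin/sh
# Added example (not from the thread): find which option-file group sets a MySQL option.

# option_groups FILE OPTION: print "group=value" for every place OPTION is set.
option_groups() {
    awk -v want="$2" '
        /^[ \t]*([#;]|$)/ { next }                  # comments and blank lines
        /^[ \t]*\[/ {                               # group header, e.g. [mysqld]
            sub(/^[ \t]*\[/, ""); sub(/\].*$/, ""); group = $0; next
        }
        {
            n = index($0, "=")
            key = (n ? substr($0, 1, n - 1) : $0)
            val = (n ? substr($0, n + 1) : "")
            gsub(/[ \t]/, "", key); gsub(/-/, "_", key)   # wait-timeout == wait_timeout
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == want) print group "=" val
        }
    ' "$1"
}

# server_value FILE OPTION: value the server would take from FILE (last one wins), or empty.
server_value() {
    option_groups "$1" "$2" |
        awk -F= '$1 == "mysqld" || $1 == "server" { v = $2 } END { if (v != "") print v }'
}

# Constructed sample files: the setting in a client group, then in the server group.
write_samples() {
    printf '%s\n' '[client]' 'port = 3306' '' '[mysql]' 'wait_timeout = 60' \
        '' '[mysqld]' 'max_connections = 100' > "$1/misplaced.cnf"
    printf '%s\n' '[mysqld]' '# idle connections are closed after 60 s' \
        'wait-timeout = 60' > "$1/correct.cnf"
}

dir=$(mktemp -d)
write_samples "$dir"
for f in misplaced correct; do
    echo "$f.cnf: groups=$(option_groups "$dir/$f.cnf" wait_timeout | tr '\n' ' ')" \
         "server sees: $(server_value "$dir/$f.cnf" wait_timeout)"
done
rm -rf "$dir"
```

On a running server, `SHOW GLOBAL VARIABLES LIKE 'wait_timeout';` shows the value actually in effect, which is the number to compare against the file.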