# How to redirect MySQL (jail1) to Apache/SSH (jail2) with PF



## bryn1u (Jul 2, 2014)

Hey,

I have a problem bec*a*use *I* can't connect with MySQL. I have two jails (jail1 and jail2). In jail1 are users with SSH access, *I* want to give them the possibility to connect with the MySQL database which is in jail2 and *I* was wondering how *I* can do that.

I've tried everything (*I* think so). I*'*m using PF.


```
ext_if=em0

...
## Nat/RDR/Pass ###

nat on $ext_if from $net_jail to any -> $ip_pub
rdr on $ext_if proto tcp from any to $ip_pub port 3306 -> $ip_jail2 port 3306
pass in on $ext_if proto tcp from any to $ip_jail2 port 3306
...
```

Can someone help me? 

```
Checking MySQL-root access...	SQLSTATE[HY000] [1130] Host '192.168.0.1' is not allowed to connect to this MySQL server
```

Ehhh


----------



## wekers (Jul 4, 2014)

*Re: How to redirect MySQL (jail1) to Apache/SSH (jail2) with*

You want to connect mysql from ssh command by jail1 to jail2? 
For this jail to jail you don't need pf, only the nat pf it's ok.  Change privileges on MySQL i.e.:

In your jail where MySQL is:

```
$ mysql -u root -p
Enter password:
mysql> use mysql;
mysql> GRANT ALL ON *.* to root@'YOURIPJAIL2' IDENTIFIED BY 'your-root-password'; 
mysql> FLUSH PRIVILEGES;
```

In your jail1 ssh try connect them.


To see your users etc in MySQL command line:

```
select User, Host from mysql.user;
```


----------



## SirDice (Jul 5, 2014)

*Re: How to redirect MySQL (jail1) to Apache/SSH (jail2) with*

Both jails are in the same network so there's no need for NAT or redirections.


----------



## Melvyn (Jul 6, 2014)

*Re: How to redirect MySQL (jail1) to Apache/SSH (jail2) with*



			
				bryn1u said:
			
		

> ```
> Checking MySQL-root access...	SQLSTATE[HY000] [1130] Host '192.168.0.1' is not allowed to connect to this MySQL server
> ```



The big hint here is that you get a reply from the MySQL server, so the network is not a problem.


----------

