From owner-freebsd-security  Tue Jul 17  8:35:40 2001
Delivered-To: freebsd-security@freebsd.org
Received: from mail.cstone.net (mail.cstone.net [209.145.64.80])
	by hub.freebsd.org (Postfix) with ESMTP id 59BD437B408
	for <freebsd-security@FreeBSD.ORG>; Tue, 17 Jul 2001 08:35:35 -0700 (PDT)
	(envelope-from esproul@ntelos.net)
Received: from ntelos.net (thunderbolt.eng.cstone.net [209.145.66.13])
	by mail.cstone.net (8.11.1/8.11.1) with ESMTP id f6HFZYv91336
	for <freebsd-security@FreeBSD.ORG>; Tue, 17 Jul 2001 11:35:34 -0400 (EDT)
Message-ID: <3B545B3A.40C17B0C@ntelos.net>
Date: Tue, 17 Jul 2001 11:35:22 -0400
From: Eric Sproul <esproul@ntelos.net>
X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.4.3 i686)
X-Accept-Language: en
MIME-Version: 1.0
To: freebsd-security@FreeBSD.ORG
Subject: Re: stunnel/mysql question
References: <3B53529F.A0DBDC48@ntelos.net> <20010716160002.A80238@i-sphere.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

faSty wrote:
> 
> you need fix your hostname on MySQL under db table in mysql database.
> 
> I.E.
> 
> 1. mysql mysql
> 2. insert into db values(Host,User,Db)
> 3. values("hostname","username","snortdb");
> 4. flush privileges;
> 
> very important you find correct hostname, you must find exactly hostname
> when you are on tunneled and once you find correct hostname to replace
> "hostname" in values's parameters. I assumed
>

In the user privilege table, which I assume you are referring to, I have
got both 127.0.0.1 and "localhost%" as potential access hosts for user
snortdb.  I figured having both the 127.0.0.1 and the localhost wildcard
would take care of everything.  Even if they don't, during my testing I
did a full "%" wildcard and it *still* didn't work.  That's why I
suspected stunnel "mangulation" because I believe I have eliminated host
access rules as the source of the problem.

Eric

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message