I just came across this issue and it's late here so I can't really think straight anymore right now. Still this is something pretty simple so I'm not really seeing what I'm missing and just going nuts here:
I was setting up a server I use solely for running docker containers. I started with a MariaDB container all ok here and I decided to connect to it just to make sure all is working.
So now I want to connect to server running MariaDB, and since I'm behind firewalld, I started by configuring it by adding a new zone to firewall-cmd, add service and source:
firewall-cmd --permanent --new-zone=test-from-home
firewall-cmd --reload
firewall-cmd --permanent --zone=test-from-home --add-service=mysql
firewall-cmd --permanent --zone=test-from-home --add-source=XX.XX.XX.XX/32
firewall-cmd --reload
And I connected perfectly using mysql -u root -p -h host
All great!
Running firewall-cmd --get-active-zones
returns:
[root@nd01 latest]# firewall-cmd --get-active-zones
test-from-home
sources: XX.XX.XX.XX/32
public
interfaces: eth0
So just because sometimes I remember making these tests to make sure everything is working, I connected to another machine and I connected successfully from this other IP.
firewall-cmd --zone=test-from-home --list-all
test-from-home (active)
target: default
icmp-block-inversion: no
interfaces:
sources: XX.XX.XX.XX/32
services: mysql
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
firewall-cmd --zone=public --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: ssh dhcpv6-client
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
Why am I being able to connect from a random machine? What am I missing? Thanks