接上一篇：企業實戰_22_MyCatSQL攔截
https://blog.csdn.net/weixin_40816738/article/details/100073474

文章目錄

• • • • • 1. SQL防火墻_白名單配置
        • 2. 白名單測試
        • 3. SQL防火墻_黑名單配置
        • 4. SQL防火墻_黑名單測試

SQL防火墻：包括2個標簽<whitehost></whitehost><blacklist></blacklist>

• 白名單：白名單設置允許訪問的ip 和 用戶
• 黑名單：配置黑名單的列表，配置mycat對那些操作進行限制

1. SQL防火墻_白名單配置

# 配置白名單 # 只允許192.168.92.104服務器并且是app_imooc用戶的訪問mycat vim /app/mycat/conf/server.xml <firewall><whitehost><host host="192.168.92.104" user="app_imooc"></host></whitehost></firewall>

注釋：防火墻標簽要在user標簽前面

2. 白名單測試

使用app_imooc用戶在192.168.92.101服務器登錄mycat測試

[root@node1 ~]# mysql -uapp_imooc -p -h192.168.92.101 -P8066 Enter password: ERROR 1045 (HY000): Access denied for user 'app_imooc' with host '192.168.92.101' [root@node1 ~]#

使用app_imooc用戶在192.168.92.104服務器登錄mycat測試

[root@node4 ~]# mysql -uapp_imooc -p -h192.168.92.101 -P8066 Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 2 Server version: 5.6.29-mycat-1.6.5-release-20180122220033 MyCat Server (OpenCloundDB)Copyright (c) 2000, 2021, Oracle and/or its affiliates.Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.mysql>

3. SQL防火墻_黑名單配置

# 配置黑名單 # 不允許刪除不寫where條件 vim /app/mycat/conf/server.xml

添加內容而下

<!-- sql防火墻 配置 --><firewall><whitehost><!-- 設置允許訪問的用戶和服務器主機 --><host host="192.168.43.101" user="app_imooc"></host></whitehost><!-- 是否開啟黑名單校驗 --><blacklist check="true"><!-- 設置mycat對那些操作進行限制 --><property name="deleteWhereNoneCheck">true</property></blacklist></firewall>

4. SQL防火墻_黑名單測試

# 重啟啟動mycat mycat stop mycat start# 使用app_imooc用戶在192.168.92.104服務器登錄mycat測試 [root@node4 ~]# mysql -uapp_imooc -p -h192.168.92.101 -P8066 Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 1 Server version: 5.6.29-mycat-1.6.5-release-20180122220033 MyCat Server (OpenCloundDB)Copyright (c) 2000, 2021, Oracle and/or its affiliates.Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.mysql> use imooc_db; Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -ADatabase changed mysql> delete from order_master; ERROR 3012 (HY000): The statement is unsafe SQL, reject for user 'app_imooc' mysql>

從上圖可以得出結論，黑名單生效了

下一篇：企業實戰_24_MyCat實現讀寫分離
https://gblfy.blog.csdn.net/article/details/100103666

創作挑戰賽新人創作獎勵來咯，堅持創作打卡瓜分現金大獎

總結

以上是生活随笔為你收集整理的企业实战_23_MyCat SQL防火墙的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。