Home

Howto

The following document covers installation and basic configuration of the GreenSQL database firewall.

1. Download Application

In order to work with greensql you need to download two applications - greensql-fw and greensql-console. You can download these tools here. I advice you to grab most fresh version.

For greensql-fw application, we supply packages for: Debian, Ubuntu, FreeBSD, Fedora, SuSe.

Currently we do not supply installation package for greensql-console. You will have to download greensql-console-0.x.x-tar.gz file.

2. Install GreenSQL Package

It is very easy to do. Just run the following command:

Debian Users
dpkg -i PACKAGE_NAME.deb

Ubuntu Users
sudo dpkg -i PACKAGE_NAME.deb

Redhat/Fedora/CentOS/SuSe Users
rpm -ihv PACKAGE_NAME.rpm

FreeBSD Users
pkg_add PACKAGE_NAME.tbz

Note for Debian / Ubuntu Users

During package installation, you will be asked several installation questions related to database configuration (GreenSQL uses MySQL database to store logs and internal configuration). Installation package automatically configures database settings for you. For example:

GreenSQL Installation - Database ServerGreenSQL Installation - Database Server

3. Setting up configuration database

GreenSQL uses MySQL database to store alerts and configuration. For those of you that do not use Ubuntu/Debian you will have to install GreenSQL configuration database using configuration script. Just run it as follows:

/usr/sbin/greensql-create-db.sh

This script will guide you through database configuration settings. It is advised to run it as a root user. It this case it will automatically updates database settings in GreenSQL configuration file /etc/greensql/greensql.conf . Otherwise you will have to do it manually.

4. Starting GreenSQL

You can start GreenSQL firewall using the following command:
/etc/init.d/greensql start

Application troubleshooting
Please check /var/log/greensql.log file for any error messages.

5. Install GreenSQL Console

GreenSQL Console is a web based management tools used to configure GreenSQL firewall. In brief you can install it follows:

  1. Untar the archive to your default web directory.
  2. Make templates_c world writable. This directory is used to store cached pages.
  3. Alter database settings. Edit config.php file.

Here is the print screen of the required commands:

GreenSQL Console InstallationGreenSQL Console Installation

6. Validation

In order to verify that everything works correctly you can run the following mysql command:

mysql -h 127.0.0.1 -P 3305 -u root -p

In the above command we connect to a default port of GreenSQL - 3305. GreenSQSL will filter all SQL queries and redirect good ones to 127.0.0.1:3306 (3306 - is a default MySQL port). You can alter this settings using GreenSQL-Console application.

Important Note
Do not connect to "localhost". Use "127.0.0.1" instead. If you use "localhost", connection is not established using the TCP/IP network stack. Instead so called Unix domain sockets are used. Currently GreenSQL does not support Unix domain sockets - you will have to use "127.0.0.1".

For example in the next screenshot you can see, that after connection to mysql server we perform "show databases" mysql command. This command must show a list of existing MySQL databases. GreenSQL will block it by default. As a result, an empty result is printed.

GreenSQL Installation - ValidationGreenSQL Installation - Validation

7. Proxy installed. What's next ?

You need to change you application setting and configure it to use GreenSQL server as a MySQL db server. Most of the web applications have management tool that can be configured to use specific database settings. You can configure it to use "127.0.0.1" as a database server IP address and explicitly specify network port - 3305 (127.0.0.1:3305 are default settings used by GreenSQL, in your case it could be different).

If the web application you are using does not have management tool, check if you have config.php or similar file in web application directory. Check database settings in this file. If you can not find configuration file, please check if you can find similar PHP command:

$link = mysql_connect('localhost', 'mysql_user', 'mysql_password');

You need to change this to the following:
$link = mysql_connect('127.0.0.1:3305', 'mysql_user', 'mysql_password');

Back to top