Home

GreenSQL Howto

One of my friends told me that the website lacks information about application itself. In order to feel the gap I decided to create this howto document. This document will help new users start working with the GreenSQL database protection system. While creating this document, Ubuntu was chosen as an installation OS. In your case it could be different. This document can still be relevant for you.

Download Application

In order to work with greensql you need to download two applications - greensql-fw and greensql-console. Both of these tools required parts of the system. You can download these tools here. I advice you to grab most fresh version.

For greensql-fw application, we supply packages for: Debian, Ubuntu, FreeBSD, Fedora, SuSe.

Currently we do not supply installation package for greensql-console. You will have to download greensql-console-0.x.x-tar.gz file.

Install GreenSQL Package

It is very easy to do. Just run the following command:

Debian Users
dpkg -i PACKAGE_NAME.deb

Ubuntu Users
sudo dpkg -i PACKAGE_NAME.deb

Redhat/Fedora/CentOS/SuSe Users
rpm -ihv PACKAGE_NAME.rpm

FreeBSD Users
pkg_add PACKAGE_NAME.tbz

Note for Debian / Ubuntu Users

During package installation, you will be asked a number of installation questions related to database settings. Installation package automatically configures database settings for you. For example:

GreenSQL Installation - Database ServerGreenSQL Installation - Database Server

Setting up configuration database

GreenSQL uses MySQL database to store alerts and configuration. For those of you that do not use Ubuntu/Debian you will have to install GreenSLQ configuration database using configuration script. Just run it as follows:

/usr/sbin/greensql-create-db

This script will guide you through database configuration settings. It is advised to run it as a root user. It this case it will automatically updates database settings in GreenSQL configuration file /etc/greensql/greensql.conf . Otherwise you will have to do it manually.

Starting GreenSQL

You can use the following command to start greensql-fw service.
/etc/init.d/greensql start

Application troubleshooting
Please check /var/log/greensql.log file for any error messages.

Install GreenSQL Console

GreenSQL Console is a web based management tools used to configure GreenSQL firewall. In brief you can install it follows:

  1. Untar the archive to your web site.
  2. Make templates_c world writable. This directory is used to store cached pages.
  3. Alter database settings. Edit config.php file.

Here is the print screen of the required commands:

GreenSQL Console InstallationGreenSQL Console Installation

Validation

In order to verify that everything works correctly you can run the following mysql command:

mysql -h 127.0.0.1 -P 3305 -u root -p

In the above command we connect to a default port of GreenSQL - 3305. GreenSQSL will filter all SQL queries and redirect good ones to 127.0.0.1:3306 (3306 - is a default MySQL port). You can alter this settings using GreenSQL-Console application.

Important Note
DO not connect to "localhost". Use "127.0.0.1" instead. If you use "localhost" connection is not established using the TCP/IP network stack. Instead so called Unix domain sockets are used. Currently GreenSQL does not support Unix domain sockets - you will have to use "127.0.0.1".

For example in the next screenshot you can see, that after connection to mysql server we perform show databases mysql command. This command must show a list of existing MySQL databases. GreenSQL will block it by default. As a result, an empty resultset is returned.

GreenSQL Installation - ValidationGreenSQL Installation - Validation

Proxy installed. What's next ?

You need to change you application setting to use proxy server as a MySQL db server. In most of the web applications you have administrative tool that could be used to set up database settings. You can configure db server to point "127.0.0.1" and explicitly specify network port - 3305 (127.0.0.1:3305 are default settings used by GreenSQL, in your case it could be different).

If your application does not provides a friendly tool to configure db server setting please check if you have config.php or simalar file that has database settings. If you can not find configuration file, please check if you find similar PHP command:

$link = mysql_connect('localhost', 'mysql_user', 'mysql_password');

You need to change this to the following:
$link = mysql_connect('127.0.0.1:3305', 'mysql_user', 'mysql_password');

Bookmark/Search this post with:
  • Delicious
  • Digg
  • StumbleUpon
  • Propeller
  • Reddit
  • Magnoliacom
  • Newsvine
  • Furl
  • Facebook
  • Google
  • Yahoo

Back to top