I am having quite a few problems on a tricky server.
One of my main problems at the moment is that tcpdump cannot seem to get the packets sent to mysql, unless I tinker with MySQL a bit.
This is what I run:
tcpdump -s 65535 -x -nn -q -tttt -i any -c 99999 port 3306
When I run this, no output is shown.
If however, I log into mysql using
mysql -h 127.0.0.1
..then tcpdump does show some output.
My problem is that the current traffic coming from apache does not show up using tcpdump and I do not know if I need to change a parameter in tcpdump, MySQL or apache.
Some more info:
netstat -tap | grep mysql
tcp 0 0 *:mysql *:* LISTEN 2238/mysqld
cat /etc/hosts
127.0.0.1 localhost localhost.localdomain
Can anyone please help?
You're not seeing the traffic using tcpdump because MySQL isn't using TCP, it's using a Unix socket. You need to configure the database client (presumably a PHP application, although I guess in theory you could be using Apache itself to talk to MySQL) to connect to
127.0.0.1, becauselocalhost(typically the default) is a special value that means "use a Unix socket" to the MySQL client library.