How to allow an ip address to access a specific port on the server without blocking other traffic

First off, am using Firewalld and my configuration is as follows:

• All traffic is allowed (nothin fancy).
• Server has MySQL and Apache2 (Linux Debian)

I need to allow MySQL remote connections to a specific ip address (my ip) without shutting out http connections. The MySQL config file only allows one ip and thus I can't directly add my ip there cuz then Apache2 won't be able to connect over http that's why am looking for a firewall solution.

I have also tried creating a specific zone using firewalld (firewall-cmd) but the zone ended up blocking all http traffic since it had a source ip and thus ended up here.

Any help is greatly appreciate.

Opening MySQL port anywhere outside is a security risk and I prefer to avoid it.

I would leave MySQL listening to localhost and instead use SSH port forwarding to access MySQL remotely:

1. Run ssh -L 3306:localhost:3306 [email protected] on the remote machine
2. On remote machine, use localhost as the MySQL server.

If you need to have the SSH connection on all the time, then you can use a tool autossh which keeps the SSH connection open and automatically reconnects if it is disconnected at some point.