MySQL Enterprise Firewall is based on a plugin library that implements these components:
A server-side plugin named
MYSQL_FIREWALLexamines SQL statements before they execute and, based on its in-memory cache, renders a decision whether to execute or reject each statement.
Server-side plugins named
INFORMATION_SCHEMAtables that provide views into the firewall data cache.
System tables named
mysqldatabase provide persistent storage of firewall data.
Stored procedures named
sp_reload_firewall_rules()perform tasks such as registering MySQL accounts with the firewall, establishing their operational mode, and managing transfer of firewall data between the cache and the underlying system tables.
A set of user-defined functions provides an SQL-level API for lower-level tasks such as synchronizing the cache with the underlying system tables.
System variables enable firewall configuration and status variables provide runtime operational information.