Documentation Home
MySQL 8.0 Reference Manual
Related Documentation Download this Manual
PDF (US Ltr) - 40.9Mb
PDF (A4) - 41.0Mb
PDF (RPM) - 39.7Mb
HTML Download (TGZ) - 9.5Mb
HTML Download (Zip) - 9.6Mb
HTML Download (RPM) - 8.1Mb
Man Pages (TGZ) - 256.7Kb
Man Pages (Zip) - 366.8Kb
Info (Gzip) - 3.9Mb
Info (Zip) - 3.9Mb
Excerpts from this Manual

MySQL 8.0 Reference Manual  /  ...  /  Elements of MySQL Enterprise Firewall

6.4.7.1 Elements of MySQL Enterprise Firewall

MySQL Enterprise Firewall is based on a plugin library that includes these elements:

  • A server-side plugin named MYSQL_FIREWALL examines SQL statements before they execute and, based on the registered firewall profiles, renders a decision whether to execute or reject each statement.

  • The MYSQL_FIREWALL plugin, along with server-side plugins named MYSQL_FIREWALL_USERS and MYSQL_FIREWALL_WHITELIST implement Performance Schema and INFORMATION_SCHEMA tables that provide views into the registered profiles.

  • Profiles are cached in memory for better performance. Tables in the mysql system database provide backing storage of firewall data for persistence of profiles across server restarts.

  • Stored procedures perform tasks such as registering firewall profiles, establishing their operational mode, and managing transfer of firewall data between the cache and persistent storage.

  • User-defined functions provide an API for lower-level tasks such as synchronizing the cache with persistent storage.

  • System variables enable firewall configuration and status variables provide runtime operational information.

  • The FIREWALL_ADMIN and FIREWALL_USER privileges enable users to administer firewall rules for any user, and their own firewall rules, respectively.