[SOLVED] Webmin web user interface on Linux mail server is inaccessible
Subject: [SOLVED] Webmin web user interface on Linux mail server is inaccessible
Good day from Singapore,
Today 5th May 2021 Wed, my colleague Edward Joseph Snowden (fictitious name used here) told me that Webmin web user interface on client's Linux mail server is not accessible.
So I putty/ssh into the Linux mail server, which is a CentOS 6.8.
First thing, I checked the configuration of Webmin.
# ps -ef | grep webmin
/usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf
# nano /etc/webmin/miniserv.conf
Partial Contents of /etc/webmin/miniserv.conf:
port=10101
listen=10101
From the above snippets, Webmin is not listening on the default port of 10000 but 10101.
Then I proceeded to check the running Linux iptables firewall rules.
# iptables -S | grep 10101
I noticed that TCP port 10101 is NOT open.
I checked /etc/init.d/iptables
Partial Contents of /etc/init.d/iptables
IPTABLES=iptables
IPTABLES_DATA=/etc/sysconfig/$IPTABLES
IPTABLES_FALLBACK_DATA=${IPTABLES_DATA}.fallback
IPTABLES_CONFIG=/etc/sysconfig/${IPTABLES}-config
IPV=${IPTABLES%tables} # ip for ipv4 | ip6 for ipv6
[ "$IPV" = "ip" ] && _IPV="ipv4" || _IPV="ipv6"
PROC_IPTABLES_NAMES=/proc/net/${IPV}_tables_names
VAR_SUBSYS_IPTABLES=/var/lock/subsys/$IPTABLES
From the above snippet, Linux iptables firewall rules are saved in /etc/sysconfig/iptables
I checked /etc/sysconfig/iptables and noticed that it contains the following line:
[root@mail.teo-en-ming-corp.com init.d]# cat /etc/sysconfig/iptables | grep 10101
-A INPUT ! -i lo -p tcp -m state --state NEW -m tcp --dport 10101 -j ACCEPT
Apparently the saved iptables firewall rules DO allow TCP port 10101.
To solve the problem, I executed the following command.
# service iptables restart
This allows the saved iptables firewall rules to be reloaded. Now TCP port 10101 is open in the Linux iptables firewall.
Besides the above issue, I also noticed that new iptables firewall rules were added to block the Windows Server in the same subnet from accessing it.
# iptables -S | grep xxx
-A DENYIN -s 192.168.1.xxx/32 ! -i lo -j DROP
-A DENYOUT -d 192.168.1.xxx/32 ! -o lo -j LOGDROPOUT
I proceeded to delete the above 2 iptables firewall rules.
# iptables -D DENYIN -s 192.168.1.xxx/32 ! -i lo -j DROP
# iptables -D DENYOUT -d 192.168.1.xxx/32 ! -o lo -j LOGDROPOUT
Now Webmin web user interface is accessible from the Windows Server in the same subnet. Turritopsis Dohrnii Teo En Ming has solved the problem.
Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 5th May 2021, is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant with a System Integrator (SI)/computer firm in Singapore. He is an IT enthusiast.
REFERENCES
===========
[1] https://marc.info/?l=netfilter&m=162022351008848&w=2
[2] https://sourceforge.net/p/webadmin/mailman/message/37275793/
Comments
Post a Comment