Trying to install Virtualmin GPL on a fresh Godaddy unmanaged VPS running Centos 7.
First time user of Centos 7, been trying a couple of days to get it to work, have destroyed/rebuilt the server at least half a dozen times and still no closer to getting Virtualmin to work!
The server starts with Centos 7.1.* and iptables isn’t running correctly. Iptables isn’t running because of this issue: https://www.centos.org/forums/viewtopic.php?f=51&t=54469
Checked a few things before making any changes:
# systemctl is-enabled firewalld
disabled
systemctl is-active firewalld
unknown
# systemctl is-enabled iptables
enabled
systemctl is-active iptables
failed
So iptables is enabled, but is failing to start.
# iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
Something in the default rules are stopping iptables running. According to the thread above it’s due to this being a VPS and not a dedicated server. The default iptables file before making any changes is identical to what is listed at the thread above, but it’s not being used because of an error: it’s not line 14 per se, that’s the commit line, I tried adding commit after each rule in iptables and it failed at the first rule (-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT).
Default iptables file:
# sample configuration for iptables service
you can edit this manually or use system-config-firewall
please do not ask us to add additional ports/services to this default configuration
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
service iptables save
Fixes the issue so iptables activates, but there’s no iptable rules (none of the above is saved).
Yet the server starts with most ports blocked by default: Godaddy support have been useless providing information on how they block all ports except ports 80 and 22 (I haven’t checked all ports, just the commonly used ones like MYSQL, DNS, HTTPS, FTP etc… and they are all blocked by default).
Prior to installing Virtualmin I’ve tried to add iptables rules like these (also tried after installing Virtualmin):
-A INPUT -p tcp -m tcp --dport 10000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 20000 -j ACCEPT
to see if iptables works and though the rules are added the ports are still blocked.
So I don’t know how the server is blocking/unblocking ports, looks like it’s not via iptables and firewalld isn’t enabled/active either???
After running yum update (updates to Centos v7.3.1611) I use the install.sh file to install Virtualmin with no errors reported.
wget http://software.virtualmin.com/gpl/scripts/install.sh
chmod +x install.sh
./install.sh
Before a reboot all ports you’d expect to be open after Virtualmin are installed: MYSQL, HTTPS, DNS and are open, but ports 10000 and 20000 are closed.
After a reboot port 20000 is open, but port 10000 is still closed.
I can login to Usermin, but not Virtualmin/Webmin.
I’ve checked what iptable rules are active and still nothing is listed, so no idea how/where the ports for MYSQL etc… are saved.
Any idea what to check next?
If I can’t open port 10000 thinking of switching Webmin to use port 20000 since I don’t need access to Usermin.
Thanks in advance
David