I can't get webmin up in my browser (own fault)

I f**ked up badly. I think I did so by changing resolv.conf a few weeks ago (trying to solve a dns problem). I didn’t back up the old version. Anyway, since a few weeks I can’t get virtualmin / webmin up on the screen. Just times out. However, webmin/virtualmin does work:

links https://localhost:10101 does work (I set the port to 10101 in stead of 10000)

https://88.208.232.11:10101/ does not work

host ns1.penghost.co.uk has address 213.171.223.34 (other server than this one)

which is fine

host ns2.penghost.co.uk has address 88.208.232.11 (this server)

fine too

My current resolv.conf looks like this:

nameserver 213.171.192.249
nameserver 213.171.193.245
nameserver 127.0.0.1
nameserver penghost.co.uk

three questions:

is it possible at all for you to tell me what my resolv.conf should look like?
what’s the next step I should take?
is reinstalling webmin/virtualmin (or something like that) a quick fix?

Thanks, and I really am sorry for abusing your time because of my own ignorance.

resolve.conf could look like this
nameserver 213.171.192.249
nameserver 213.171.193.245
nameserver 127.0.0.1
domain penghost.co.uk

reinstalling virtualmin is not a fix, but will make things worse

are you checking in a LAN or so, since localhost does work?

Thanks for answering (so fast)!

I’m sorry, I had it as domain penghost.co.uk in the file, just wrongly typed it in here. (Still have to find out how to copy from putty and paste in another programme in linux…)

That does answer your question too, doesn’t it? I’m checking using putty / SSH. The servers are in the UK, I’m in Spain. The sites are available, just webmin/virtualmin aren’t…

is reinstalling webmin/virtualmin (or something like that) a quick fix?

Please never reach for “reinstall” anything as a quick fix. It definitely is not with Virtualmin; you’ll remove significant amounts of vital data by doing so. (Webmin is more tolerant of having things ripped apart and put back, as it doesn’t have much meta data, but Virtualmin is heavily reliant on its own data, so destroying that data is a bad idea. If you have good recent backups, it’s not an issue, but it’s probably still overkill, since problems are generally always easy to fix.)

Is Webmin running?

/etc/init.d/webmin status

Is it listening on the port and address you think?

netstat -ln | grep 10101

(or grep for whatever port you configured it to run on; you might check 10000, just in case your configuration wasn’t actually completed)

Is there a firewall blocking access to port 10101?

“webmin (pid …) is running”

netstat -ln | grep 10101

tcp 0 0 0.0.0.0:10101 0.0.0.0:* LISTEN

? Does that look good? (Guess not)

About a firewall: how would I find out? And, you know, it could be of course, but it’s exactly when I was trying to ‘solve’ a DNS thing that afterwards I found out I couldn’t get to virtualmin no more.

p.s. about reinstalling virtualmin: I wasn’t seriously considering doing it, I was just suggesting things that went around in my head to see what you guys, who know, thought about them.

Forgot to say thanks for taking the time to answer me: Thanks!

that netstat entry is okay
but you may want to open udp port 10101 in your firewall also…

that is a webmin module in networking I think

hmm, been looking, but to no avail… Any idea how I could do this (without webmin or virtualmin)? I’m on a ubuntu machine.

webmin - networking - Linux Firewall is where you can add rules to your firewall.

But the (original) problem is I can’t see webmin or virtualmin…

Or am I misunderstanding you?

ah yeah, sorry, then look in /etc/iptables and add the rule directly.

I tried:

iptables -A INPUT -p tcp --dport 10101 -j ACCEPT

and

iptables -A INPUT -p tcp --dport 10101 -j ACCEPT -m state --state NEW

it showed fine in iptables -L

but still couldn’t open virtualmin…

thats tcp, how about udp? and you did restart iptables, yes?
can you connect if you temporarily disable iptables?

Thanks Ronald, for all your support!

I created this script:

echo “Stopping firewall and allowing everyone…”
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

(found it on the web, as just a iptables -F would completely block off the server (it’s a few thousand km away from me))

and then I was able to get to webmin / virtualmin, so it’s definitely a iptables thing.

however, I rebooted the machine right away after seeing it was working as it was a bit too open for everyone with the above script.

Now I need to know how to modify iptables so it will let me in…

Is there anyone here that could show me what his/her iptables -L looks like with a correctly working webmin / virtualmin ?

It is frustrating, it’s right there…

Ok, I found it, thanks to you guys!

The trick was to ‘insert’ the rule, so it wouldn’t be applied after blocking all the traffic:

iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 10101 -j ACCEPT

using -I in stead of the -A

pfew…

Thanks people!

(happy bunny)