I have Ubuntu Linux 22.04.5 with virtualmin 7.20.2 webmin 2.202 .
The problem is, that Pings and outgoing requests where filtered by the Server.
icmp_seq Paket filtered. Websites run Out of time.
i have
net.ipv4.ip_forward=1 in /etc/sysctl.conf
and
firewall-cmd --add-masquerade --permanent
firewall-cmd --reload
i have also testet with Debian 12 … the same problem.
with oracle Linux 9.4 and centos7 (i know it is outdatet) it works…
What can i do ?
Nothing about this is “on Virtualmin”. Virtualmin has nothing to do with routing.
The default firewall configuration that Virtualmin sets up does nothing to outgoing requests. If you’re seeing outgoing requests filtered, I would assume it is happening outside the Virtualmin system. (Unless you’ve configured a custom firewall or your provider setup a custom firewall on their image, but I can’t imagine it would block outgoing requests.)
I have tested some things an a fresh installed Ubuntu
with only webmin and firewall-cmd does routing…
nothing is filtered…
maybe it is why it is a Focal-Fossa Ubuntu… hm…
I will try to setup virtualmin now and see whats happening.
Ok… it comes from the firewall-cmd settings.
when i split the external and internal zones to different interfaces the routing stops.
so why this works on oracle and centos and not with Ubuntu… ?
can i post my config files ?
Less a question as to what’s in the files and probably more what’s not in the files. I know Cisco pretty well but the Linux iptables and what follows always brings tears to my eyes.
i want to split the internal and external interfaces.
So my guess is when i set the public rules - and they have both interfaces this is not save
for …ssh or ftp when public has both interfaces.
So i switch ssh To internal and ftp to external http on public. all is fine.
and it works pretty well. with Ubuntu focal-fossa .
The same settings on an Ubuntu 22.04.5 do not route. Iit allows the external and internal port as expected . But a Ping from inside to google.de or anywhere else says the packets are filtered
Maybe you can compare the two configurations then. Kinda strange that filters would be applied by default to outgoing connections. Especially ICMP. I’d suspect something in your zone setup.
i have now an fresh installed ubuntu 20.4 with firewalld and net.ipv4.ip_forward=1
The firewall configuration is a copy from the focal Ubuntu.
wich results by ping in “Zielport nicht erreichbar”