Unreachable panel after update with no errors using domain:10000 and ip:10000

Mouad · December 25, 2022, 2:32am

SYSTEM INFORMATION
OS type and version	CentOS Linux release 7.9.2009 (Core)
Webmin version	webmin version 2.010

Hi Guys, Suddenly today I can’t reach webmin and the login page anymore, but all my websites still working.

i tried :

systemctl restart webmin
reboot
yum update -y

Modules complémentaires chargés : fastestmirror
Loading mirror speeds from cached hostfile
 * Webmin: download.webmin.com
Excluding mirror: mirror.fra10.de.leaseweb.net
 * base: asi-fs-n.contabo.net
 * centos-sclo-rh: mirror.23m.com
Excluding mirror: mirror.fra10.de.leaseweb.net
 * centos-sclo-sclo: artfiles.org
Excluding mirror: mirror.nl.leaseweb.net
Excluding mirror: mirror.de.leaseweb.net
 * epel: mirror.alwyzon.net
Excluding mirror: mirror.fra10.de.leaseweb.net
 * extras: artfiles.org
 * remi-php74: remi.schlundtech.de
 * remi-php80: remi.schlundtech.de
 * remi-safe: remi.schlundtech.de
Excluding mirror: mirror.fra10.de.leaseweb.net
 * updates: asi-fs-n.contabo.net
No packages marked for update

iptables -I INPUT 1 -p tcp --dport 10000 -j ACCEPT
systemctl status webmin

● webmin.service - Webmin server daemon
   Loaded: loaded (/usr/lib/systemd/system/webmin.service; enabled; vendor preset: disabled)
   Active: active (running) since dim. 2022-12-25 02:29:32 CET; 51min ago
 Main PID: 9923 (miniserv.pl)
   CGroup: /system.slice/webmin.service
           ├─9923 /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf
           └─9924 /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf

déc. 25 03:19:18 domain.com su[17766]: (to domainx) root on none
déc. 25 03:19:18 domain.com su[17779]: (to domainx) root on none
déc. 25 03:19:18 domain.com su[17791]: (to domainx) root on none
déc. 25 03:20:23 domain.com su[18009]: (to domainx) root on none
déc. 25 03:20:23 domain.com su[18021]: (to domainx) root on none
déc. 25 03:20:23 domain.com su[18028]: (to domainx) root on none
déc. 25 03:20:23 domain.com su[18042]: (to domainx) root on none
déc. 25 03:20:24 domain.com su[18047]: (to domainx) root on none
déc. 25 03:20:24 domain.com su[18051]: (to domainx) root on none
déc. 25 03:20:24 domain.com su[18056]: (to domainx) root on none

ps aux | grep miniserv | grep -v grep

root       572  0.0  0.1 197664 19352 ?        Ss   01:40   0:00 /usr/bin/perl /usr/libexec/usermin/miniserv.pl /etc/usermin/miniserv.conf
root      9923  0.0  0.1 200020 20040 ?        Ss   02:29   0:00 /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf
root      9924  0.0  0.1 197944 18764 ?        S    02:29   0:00 /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf

netstat -tnlp | grep perl

tcp        0      0 0.0.0.0:20000           0.0.0.0:*               LISTEN      572/perl            
tcp        0      0 0.0.0.0:10000           0.0.0.0:*               LISTEN      9923/perl           
tcp6       0      0 :::10000                :::*                    LISTEN      9923/perl

firewall-cmd --list-all

public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources: 
  services: dhcpv6-client ftp http https imap imaps pop3 pop3s smtp smtps ssh
  ports: 587/tcp 53/tcp 20/tcp 2222/tcp 10000-10100/tcp 20000/tcp 1025-65535/tcp 53/udp
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 
	rule family="ipv4" source address="80.94.95.206" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="80.94.95.206" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="80.94.95.206" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="80.94.95.206" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="80.94.95.206" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="80.94.95.206" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="80.94.95.206" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.89" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.89" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.89" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.89" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.89" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.89" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.89" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="141.98.11.112" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="141.98.11.112" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="141.98.11.112" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="141.98.11.112" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="141.98.11.112" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="141.98.11.112" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="141.98.11.112" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.76" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.76" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.76" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.76" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.76" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.76" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.76" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="45.78.5.29" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="61.177.173.46" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="193.201.9.160" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.143" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.143" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.143" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.143" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.143" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.143" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.143" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="61.177.172.104" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.79" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.79" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.79" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.79" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.79" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.79" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.79" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="185.239.69.227" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.170" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.170" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.170" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.170" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.170" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.170" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.170" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.91" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.91" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.91" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.91" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.91" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.91" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.91" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"

grep port /etc/webmin/miniserv.conf

port=10000

systemctl status usermin

● usermin.service - Usermin server daemon
   Loaded: loaded (/usr/lib/systemd/system/usermin.service; enabled; vendor preset: disabled)
   Active: active (running) since dim. 2022-12-25 00:40:09 CET; 2h 47min ago
 Main PID: 572 (miniserv.pl)
   CGroup: /system.slice/usermin.service
           └─572 /usr/bin/perl /usr/libexec/usermin/miniserv.pl /etc/usermin/miniserv.conf

déc. 25 00:40:08 mouax.com systemd[1]: Starting Usermin server daemon...
déc. 25 00:40:09 mouax.com systemd[1]: Started Usermin server daemon.

port 10000 is open, i checked it with an external website
the problème :
Solution :

The problem disappeared after i switched the Security Level of my home router Firewall from High to Low.

There are three options

High:Traffic Denied Inbound and Minimally Permit Common Services Outbound.
Low:All Outbound traffic and pinhole-defined Inbound traffic is allowed.
Off: All Inbound and Outbound traffic is allowed

Joe · December 25, 2022, 5:03pm

Good request! You’ve already answered the first two or three questions I would have asked!

If you’re using Virtualmin, why is this repo enabled? You should be getting all of our packages, including Webmin, from software.virtualmin.com. There’s a couple of known bugs in the current Webmin version that effect Virtualmin which means we have not pushed it to Virtualmin repos. But, those issues don’t explain the problem you have…just pointing out it’s recommended you use the Virtualmin repos if you use Virtualmin, and the Webmin repos only if you only use Webmin.

I don’t see anything immediately obviously wrong, though.

Ports are open, process is running and listening.

So…I guess try restarting Webmin systemctl restart webmin, and check the status afterward and also the journal journalctl -fu webmin

Then check the /var/webmin/miniserv.error log for more clues.

Mouad · December 25, 2022, 5:31pm

Thank you for your response, miniserv.error already checked, the problem comes from the firewall in my local router, so i switched the Security Level back to Low and solved it.

About virtualmin repos, in which config file should i add software.virtualmin.com ?

Thanks.

system · February 23, 2023, 5:31pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.