SYSTEM INFORMATION | |
---|---|
OS type and version | CentOS Linux release 7.9.2009 (Core) |
Webmin version | webmin version 2.010 |
Hi Guys, Suddenly today I can’t reach webmin and the login page anymore, but all my websites still working.
i tried :
- systemctl restart webmin
- reboot
- yum update -y
Modules complémentaires chargés : fastestmirror
Loading mirror speeds from cached hostfile
* Webmin: download.webmin.com
Excluding mirror: mirror.fra10.de.leaseweb.net
* base: asi-fs-n.contabo.net
* centos-sclo-rh: mirror.23m.com
Excluding mirror: mirror.fra10.de.leaseweb.net
* centos-sclo-sclo: artfiles.org
Excluding mirror: mirror.nl.leaseweb.net
Excluding mirror: mirror.de.leaseweb.net
* epel: mirror.alwyzon.net
Excluding mirror: mirror.fra10.de.leaseweb.net
* extras: artfiles.org
* remi-php74: remi.schlundtech.de
* remi-php80: remi.schlundtech.de
* remi-safe: remi.schlundtech.de
Excluding mirror: mirror.fra10.de.leaseweb.net
* updates: asi-fs-n.contabo.net
No packages marked for update
- iptables -I INPUT 1 -p tcp --dport 10000 -j ACCEPT
- systemctl status webmin
● webmin.service - Webmin server daemon
Loaded: loaded (/usr/lib/systemd/system/webmin.service; enabled; vendor preset: disabled)
Active: active (running) since dim. 2022-12-25 02:29:32 CET; 51min ago
Main PID: 9923 (miniserv.pl)
CGroup: /system.slice/webmin.service
├─9923 /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf
└─9924 /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf
déc. 25 03:19:18 domain.com su[17766]: (to domainx) root on none
déc. 25 03:19:18 domain.com su[17779]: (to domainx) root on none
déc. 25 03:19:18 domain.com su[17791]: (to domainx) root on none
déc. 25 03:20:23 domain.com su[18009]: (to domainx) root on none
déc. 25 03:20:23 domain.com su[18021]: (to domainx) root on none
déc. 25 03:20:23 domain.com su[18028]: (to domainx) root on none
déc. 25 03:20:23 domain.com su[18042]: (to domainx) root on none
déc. 25 03:20:24 domain.com su[18047]: (to domainx) root on none
déc. 25 03:20:24 domain.com su[18051]: (to domainx) root on none
déc. 25 03:20:24 domain.com su[18056]: (to domainx) root on none
- ps aux | grep miniserv | grep -v grep
root 572 0.0 0.1 197664 19352 ? Ss 01:40 0:00 /usr/bin/perl /usr/libexec/usermin/miniserv.pl /etc/usermin/miniserv.conf
root 9923 0.0 0.1 200020 20040 ? Ss 02:29 0:00 /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf
root 9924 0.0 0.1 197944 18764 ? S 02:29 0:00 /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf
- netstat -tnlp | grep perl
tcp 0 0 0.0.0.0:20000 0.0.0.0:* LISTEN 572/perl
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 9923/perl
tcp6 0 0 :::10000 :::* LISTEN 9923/perl
- firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: dhcpv6-client ftp http https imap imaps pop3 pop3s smtp smtps ssh
ports: 587/tcp 53/tcp 20/tcp 2222/tcp 10000-10100/tcp 20000/tcp 1025-65535/tcp 53/udp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
rule family="ipv4" source address="80.94.95.206" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="80.94.95.206" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="80.94.95.206" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="80.94.95.206" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="80.94.95.206" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="80.94.95.206" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="80.94.95.206" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.89" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.89" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.89" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.89" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.89" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.89" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.89" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="141.98.11.112" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="141.98.11.112" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="141.98.11.112" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="141.98.11.112" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="141.98.11.112" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="141.98.11.112" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="141.98.11.112" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.76" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.76" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.76" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.76" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.76" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.76" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.76" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="45.78.5.29" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="61.177.173.46" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="193.201.9.160" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.143" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.143" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.143" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.143" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.143" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.143" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.143" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="61.177.172.104" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.79" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.79" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.79" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.79" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.79" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.79" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.79" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="185.239.69.227" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.170" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.170" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.170" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.170" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.170" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.170" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.170" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.91" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.91" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.91" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.91" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.91" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.91" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
rule family="ipv4" source address="46.148.40.91" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
- grep port /etc/webmin/miniserv.conf
port=10000
- systemctl status usermin
● usermin.service - Usermin server daemon
Loaded: loaded (/usr/lib/systemd/system/usermin.service; enabled; vendor preset: disabled)
Active: active (running) since dim. 2022-12-25 00:40:09 CET; 2h 47min ago
Main PID: 572 (miniserv.pl)
CGroup: /system.slice/usermin.service
└─572 /usr/bin/perl /usr/libexec/usermin/miniserv.pl /etc/usermin/miniserv.conf
déc. 25 00:40:08 mouax.com systemd[1]: Starting Usermin server daemon...
déc. 25 00:40:09 mouax.com systemd[1]: Started Usermin server daemon.
-
port 10000 is open, i checked it with an external website
-
the problème :
-
Solution :
The problem disappeared after i switched the Security Level of my home router Firewall from High to Low.
There are three options
High:Traffic Denied Inbound and Minimally Permit Common Services Outbound.
Low:All Outbound traffic and pinhole-defined Inbound traffic is allowed.
Off: All Inbound and Outbound traffic is allowed