Unreachable panel after update with no errors using domain:10000 and ip:10000

SYSTEM INFORMATION
OS type and version CentOS Linux release 7.9.2009 (Core)
Webmin version webmin version 2.010

Hi Guys, Suddenly today I can’t reach webmin and the login page anymore, but all my websites still working.

i tried :

  • systemctl restart webmin
  • reboot
  • yum update -y
Modules complémentaires chargés : fastestmirror
Loading mirror speeds from cached hostfile
 * Webmin: download.webmin.com
Excluding mirror: mirror.fra10.de.leaseweb.net
 * base: asi-fs-n.contabo.net
 * centos-sclo-rh: mirror.23m.com
Excluding mirror: mirror.fra10.de.leaseweb.net
 * centos-sclo-sclo: artfiles.org
Excluding mirror: mirror.nl.leaseweb.net
Excluding mirror: mirror.de.leaseweb.net
 * epel: mirror.alwyzon.net
Excluding mirror: mirror.fra10.de.leaseweb.net
 * extras: artfiles.org
 * remi-php74: remi.schlundtech.de
 * remi-php80: remi.schlundtech.de
 * remi-safe: remi.schlundtech.de
Excluding mirror: mirror.fra10.de.leaseweb.net
 * updates: asi-fs-n.contabo.net
No packages marked for update
  • iptables -I INPUT 1 -p tcp --dport 10000 -j ACCEPT
  • systemctl status webmin
● webmin.service - Webmin server daemon
   Loaded: loaded (/usr/lib/systemd/system/webmin.service; enabled; vendor preset: disabled)
   Active: active (running) since dim. 2022-12-25 02:29:32 CET; 51min ago
 Main PID: 9923 (miniserv.pl)
   CGroup: /system.slice/webmin.service
           ├─9923 /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf
           └─9924 /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf

déc. 25 03:19:18 domain.com su[17766]: (to domainx) root on none
déc. 25 03:19:18 domain.com su[17779]: (to domainx) root on none
déc. 25 03:19:18 domain.com su[17791]: (to domainx) root on none
déc. 25 03:20:23 domain.com su[18009]: (to domainx) root on none
déc. 25 03:20:23 domain.com su[18021]: (to domainx) root on none
déc. 25 03:20:23 domain.com su[18028]: (to domainx) root on none
déc. 25 03:20:23 domain.com su[18042]: (to domainx) root on none
déc. 25 03:20:24 domain.com su[18047]: (to domainx) root on none
déc. 25 03:20:24 domain.com su[18051]: (to domainx) root on none
déc. 25 03:20:24 domain.com su[18056]: (to domainx) root on none
  • ps aux | grep miniserv | grep -v grep
root       572  0.0  0.1 197664 19352 ?        Ss   01:40   0:00 /usr/bin/perl /usr/libexec/usermin/miniserv.pl /etc/usermin/miniserv.conf
root      9923  0.0  0.1 200020 20040 ?        Ss   02:29   0:00 /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf
root      9924  0.0  0.1 197944 18764 ?        S    02:29   0:00 /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf
  • netstat -tnlp | grep perl
tcp        0      0 0.0.0.0:20000           0.0.0.0:*               LISTEN      572/perl            
tcp        0      0 0.0.0.0:10000           0.0.0.0:*               LISTEN      9923/perl           
tcp6       0      0 :::10000                :::*                    LISTEN      9923/perl
  • firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources: 
  services: dhcpv6-client ftp http https imap imaps pop3 pop3s smtp smtps ssh
  ports: 587/tcp 53/tcp 20/tcp 2222/tcp 10000-10100/tcp 20000/tcp 1025-65535/tcp 53/udp
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 
	rule family="ipv4" source address="80.94.95.206" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="80.94.95.206" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="80.94.95.206" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="80.94.95.206" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="80.94.95.206" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="80.94.95.206" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="80.94.95.206" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.89" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.89" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.89" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.89" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.89" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.89" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.89" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="141.98.11.112" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="141.98.11.112" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="141.98.11.112" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="141.98.11.112" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="141.98.11.112" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="141.98.11.112" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="141.98.11.112" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.76" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.76" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.76" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.76" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.76" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.76" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.76" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="45.78.5.29" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="61.177.173.46" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="193.201.9.160" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.143" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.143" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.143" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.143" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.143" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.143" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.143" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="61.177.172.104" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.79" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.79" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.79" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.79" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.79" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.79" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.79" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="185.239.69.227" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.170" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.170" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.170" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.170" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.170" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.170" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.170" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.91" port port="smtp" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.91" port port="465" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.91" port port="submission" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.91" port port="imap3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.91" port port="imaps" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.91" port port="pop3" protocol="tcp" reject type="icmp-port-unreachable"
	rule family="ipv4" source address="46.148.40.91" port port="pop3s" protocol="tcp" reject type="icmp-port-unreachable"
  • grep port /etc/webmin/miniserv.conf
port=10000
  • systemctl status usermin
● usermin.service - Usermin server daemon
   Loaded: loaded (/usr/lib/systemd/system/usermin.service; enabled; vendor preset: disabled)
   Active: active (running) since dim. 2022-12-25 00:40:09 CET; 2h 47min ago
 Main PID: 572 (miniserv.pl)
   CGroup: /system.slice/usermin.service
           └─572 /usr/bin/perl /usr/libexec/usermin/miniserv.pl /etc/usermin/miniserv.conf

déc. 25 00:40:08 mouax.com systemd[1]: Starting Usermin server daemon...
déc. 25 00:40:09 mouax.com systemd[1]: Started Usermin server daemon.
  • port 10000 is open, i checked it with an external website

  • the problème :
    Capture d’écran 2022-12-25 à 03.30.22

  • Solution :

The problem disappeared after i switched the Security Level of my home router Firewall from High to Low.

There are three options

High:Traffic Denied Inbound and Minimally Permit Common Services Outbound.
Low:All Outbound traffic and pinhole-defined Inbound traffic is allowed.
Off: All Inbound and Outbound traffic is allowed

Good request! You’ve already answered the first two or three questions I would have asked!

If you’re using Virtualmin, why is this repo enabled? You should be getting all of our packages, including Webmin, from software.virtualmin.com. There’s a couple of known bugs in the current Webmin version that effect Virtualmin which means we have not pushed it to Virtualmin repos. But, those issues don’t explain the problem you have…just pointing out it’s recommended you use the Virtualmin repos if you use Virtualmin, and the Webmin repos only if you only use Webmin.

I don’t see anything immediately obviously wrong, though.

Ports are open, process is running and listening.

So…I guess try restarting Webmin systemctl restart webmin, and check the status afterward and also the journal journalctl -fu webmin

Then check the /var/webmin/miniserv.error log for more clues.

1 Like

Thank you for your response, miniserv.error already checked, the problem comes from the firewall in my local router, so i switched the Security Level back to Low and solved it.

About virtualmin repos, in which config file should i add software.virtualmin.com ?

Thanks.

1 Like