Webmin thinks Shorewall is being used when it never has been

richard47 · February 1, 2026, 9:15pm

SYSTEM INFORMATION
OS type and version	Centos 7
Webmin version	2.621

Viewing the Linux Firewall page in Webmin shows these two messages near the top:

External managed rules detected. Activate “[Directly edit firewall rules”] or your firewall rules may break.

Warning! It appears that Shorewall is being used to generate your system’s firewall. Maybe you should use the [Shoreline Firewall module] instead.

Shorewall Firewall has never been used on this server. Not sure how to resolve these issues. I only want to use the iptables firewall. Is there some file I should look for and perhaps delete that is causing it to think “External managed rules detected”?

Thanks.

richard47 · February 1, 2026, 9:33pm

Forgot to mention that the Linux Firewall and Linux IP6 Firewall modules are listed in the Un-used Modules list and Refresh Modules process does not fix that. Also cannot successfully move those two modules in Reassign Modules configuration option. It lets me specify a different category for those modules but then nothing actually changes.

CTS · February 1, 2026, 9:37pm

Are you really using CentOS 7?

richard47 · February 1, 2026, 9:43pm

Yes, I know that Centos 7 is EOL but it is a big deal to upgrade. Have to move to Rocky and there is no simple way to do that. Best way is to spin up a new server, install Rocky, and recreate / move everything including modifying code to work with newer versions of all the packages I use. Then test it all. I have done that for one of my servers but it is very time consuming, even using Gemini to help identify and modify the code changes that are needed.

CTS · February 1, 2026, 9:53pm

Yes it is work to move to a new OS for sure.
I have no Idea what customization you have done and what you need to do to get that to work on new Rocky Linux.

No advice I have to give for current problem as I do not have Centos 7 to test on

Joe · February 1, 2026, 10:14pm

If it weren’t installed, it wouldn’t detect it, as far as I know. So, if you’re not using it, uninstall it.

richard47 · February 2, 2026, 3:21am

Yes, I should uninstall Shorewall. The problem however is that Webmin seems to think iptables (Linux Firewall) is not installed or not used when it clearly is. I can launch it but only from the Un-used Modules list and I can’t seem to be able to move it to the Networking category in Webmin. Seems odd to me. I have never used or needed to uninstall Shorewall from any of my other servers.

Joe · February 2, 2026, 5:05am

Is the Shorewall service enabled?

Joe · February 2, 2026, 5:07am

Er, actually, I guess it doesn’t matter. If Shorewall exists, Webmin assumes you installed it for a reason (it’s not part of the default OS install and there’s no reason to install it if you’re not using it).

The Shorewall module just looks for the shorewall command:

github.com/webmin/webmin

shorewall/install_check.pl

master

# install_check.pl

do 'shorewall-lib.pl';

# is_installed(mode)
# For mode 1, returns 2 if the server is installed and configured for use by
# Webmin, 1 if installed but not configured, or 0 otherwise.
# For mode 0, returns 1 if installed, 0 if not
sub is_installed
{
return 0 if (!&has_command($config{'shorewall'}) ||
	     !-d $config{'config_dir'});
return $_[0] ? 2 : 1;
}

albajordi55433 · March 2, 2026, 10:58pm

I saw the same warning once on CentOS 7. It was caused by some old Shorewall config files left in /etc/shorewall even though it wasn’t active. After removing those and restarting Webmin, the message went away. Might be worth checking if any leftover configs are there.