I f**ked up badly. I think I did so by changing resolv.conf a few weeks ago (trying to solve a dns problem). I didn't back up the old version. Anyway, since a few weeks I can't get virtualmin / webmin up on the screen. Just times out. However, webmin/virtualmin does work:
links https://localhost:10101 does work (I set the port to 10101 in stead of 10000)
https://88.208.232.11:10101/ does not work
host ns1.penghost.co.uk has address 213.171.223.34 (other server than this one)
which is fine
host ns2.penghost.co.uk has address 88.208.232.11 (this server)
fine too
My current resolv.conf looks like this:
nameserver 213.171.192.249 nameserver 213.171.193.245 nameserver 127.0.0.1 nameserver penghost.co.uk
three questions:
is it possible at all for you to tell me what my resolv.conf should look like? what's the next step I should take? is reinstalling webmin/virtualmin (or something like that) a quick fix?
Thanks, and I really am sorry for abusing your time because of my own ignorance.
resolve.conf could look like this
nameserver 213.171.192.249
nameserver 213.171.193.245
nameserver 127.0.0.1
domain penghost.co.uk
reinstalling virtualmin is not a fix, but will make things worse
are you checking in a LAN or so, since localhost does work?
Thanks for answering (so fast)!
I'm sorry, I had it as domain penghost.co.uk in the file, just wrongly typed it in here. (Still have to find out how to copy from putty and paste in another programme in linux...)
That does answer your question too, doesn't it? I'm checking using putty / SSH. The servers are in the UK, I'm in Spain. The sites are available, just webmin/virtualmin aren't...
is reinstalling webmin/virtualmin (or something like that) a quick fix?
Please never reach for "reinstall" anything as a quick fix. It definitely is not with Virtualmin; you'll remove significant amounts of vital data by doing so. (Webmin is more tolerant of having things ripped apart and put back, as it doesn't have much meta data, but Virtualmin is heavily reliant on its own data, so destroying that data is a bad idea. If you have good recent backups, it's not an issue, but it's probably still overkill, since problems are generally always easy to fix.)
Is Webmin running?
/etc/init.d/webmin status
Is it listening on the port and address you think?
netstat -ln | grep 10101
(or grep for whatever port you configured it to run on; you might check 10000, just in case your configuration wasn't actually completed)
Is there a firewall blocking access to port 10101?
--
Check out the forum guidelines!
"webmin (pid ...) is running"
netstat -ln | grep 10101
tcp 0 0 0.0.0.0:10101 0.0.0.0:* LISTEN
? Does that look good? (Guess not)
About a firewall: how would I find out? And, you know, it could be of course, but it's exactly when I was trying to 'solve' a DNS thing that afterwards I found out I couldn't get to virtualmin no more.
p.s. about reinstalling virtualmin: I wasn't seriously considering doing it, I was just suggesting things that went around in my head to see what you guys, who know, thought about them.
Forgot to say thanks for taking the time to answer me: Thanks!
that netstat entry is okay
but you may want to open udp port 10101 in your firewall also...
that is a webmin module in networking I think
hmm, been looking, but to no avail... Any idea how I could do this (without webmin or virtualmin)? I'm on a ubuntu machine.
webmin - networking - Linux Firewall is where you can add rules to your firewall.
But the (original) problem is I can't see webmin or virtualmin...
Or am I misunderstanding you?
ah yeah, sorry, then look in /etc/iptables and add the rule directly.
I tried:
iptables -A INPUT -p tcp --dport 10101 -j ACCEPT
and
iptables -A INPUT -p tcp --dport 10101 -j ACCEPT -m state --state NEW
it showed fine in iptables -L
but still couldn't open virtualmin...
thats tcp, how about udp? and you did restart iptables, yes?
can you connect if you temporarily disable iptables?
Thanks Ronald, for all your support!
I created this script:
echo "Stopping firewall and allowing everyone..." iptables -F iptables -X iptables -t nat -F iptables -t nat -X iptables -t mangle -F iptables -t mangle -X iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT
(found it on the web, as just a iptables -F would completely block off the server (it's a few thousand km away from me))
and then I was able to get to webmin / virtualmin, so it's definitely a iptables thing.
however, I rebooted the machine right away after seeing it was working as it was a bit too open for everyone with the above script.
Now I need to know how to modify iptables so it will let me in...
Is there anyone here that could show me what his/her iptables -L looks like with a correctly working webmin / virtualmin ?
It is frustrating, it's right there...
Ok, I found it, thanks to you guys!
The trick was to 'insert' the rule, so it wouldn't be applied after blocking all the traffic:
iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 10101 -j ACCEPT
using -I in stead of the -A
pfew.....
Thanks people!
(happy bunny)