Home / server / Questions / 65195
Accepted
DisgruntledGoat
Asked: 2009-09-15 07:51:17 +0800 CST

Webmin and/or port 10000 not working

  • 772

I've recently installed Webmin on a Ubuntu server but I can't get it to work. I asked a recent question about saving iptables but it turns out you don't need to "save" iptables changes.

Anyway, I still can't get Webmin working after opening the port up:

iptables -A INPUT -p tcp -m tcp --dport 10000 -j ACCEPT

It seems that either the command is not opening up port 10000, or there is a separate problem with Webmin. If I run iptables -L I see lines like the following, but no port 10000:

ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:5555 state NEW
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:8002 state NEW
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:9001 state NEW

However, there is a line:

ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:webmin

Any ideas why Webmin is not working? The IP address works fine and we can view web sites on the server, but https://[ip]:10000/ (or http) doesn't work.

ubuntu

7 Answers

  1. Best Answer

    I managed to fix this following the advice on this page by adding the rule to the beginning of the list, rather than the end. If you append it, the rule comes after all the traffic has been dropped, which doesn't work.

    This command did it:

    iptables -I INPUT 1 -p tcp --dport 10000 -j ACCEPT
    • 20

  2. Try changing the port and listen in \etc\webmin\miniserv.conf

    example:

    port=1000
listen=1000

    Then restart webmin:

    /etc/init.d/webmin restart

    Now use:

    https://iporhost:1000/
    • 3

  3. Does it work locally on the server where webmin is installed (ie. http[s]://127.0.0.1:10000)? If you don't want to install a graphical webbrowser to test this, just try it with wget or something.

    The dpt:webmin part of your output just means there is an entry for webmin on port 10000 in your /etc/services and iptables looks it up to give a more meaningful output (service type instead of hostname).

    • 0

  4. Also make sure webmin is configured to listen from remote addresses. This is under webmin configuration>IP access control.

    • 0

  5. maybe blocked/forwarded on the router? it's not a usual port to be open on every router... i happen to have it open on one only because it's DMZ'd. Also you don't mention how you're trying to connect. my corporate firewall blocks anything other than port 80 and 443 so to access from their system I have to change it to a port that they permit.

    • 0

  6. as another possible solution (since you didn't mention this...) if possible, VPN to your network. VPN should permit connectivity.

    • 0

  7. I had to modify the above answer to include the -i option which allows you to specify which interface the rule should be applied to. When I ran the rule without the option, it was not showing up in iptables -L but after specifying the interface, it worked like a charm.

    From the iptables -h docs:

    [!] --in-interface -i input name[+]
                                network interface name ([+] for wildcard)

    So, to apply the rule to any ethernet interface you would do the following:

    iptables -I INPUT 1 -p tcp --dport 10000 -i eth+ -j ACCEPT

    Or, to listen on on a specific ethernet interface (eth1, for example) you would do:

    iptables -I INPUT 1 -p tcp --dport 10000 -i eth1 -j ACCEPT

    Now, iptables -L should show it at the top of the output and you will be able to access webmin's web interface. HTH.

    • 0