VirtualMin inaccessible after server reboot.

17 posts / 0 new
Last post
#1 Sun, 04/26/2015 - 13:30
jxburns

VirtualMin inaccessible after server reboot.

Firstly I am not a Linux expert so please be kind - my expertise is in Windows servers although I have run my own Linux server for past 15 years or so in various disguises/operating systems as a basic unit.

I have leased a new dedicated server with Ubuntu 14.04/64bit installed and did nothing else it it after being passed over to me by the provider. Thought I would use VirtualMin/Webmin as the GUI and do everything from there as have had good reviews from friends. Anyway I used the install.sh to install and everything apparently went well. I was able to login to the GUI and check all was OK using the configuraton checker. All I did was then disable mailman. I did nothing else after this other that running through the configuration check which confirmed everything OK.

I then used the GUI to reboot the server (just to check all was OK) and the server restarted normally. However I could no longer get to the VirtualMin GUI - it eventually times out without any error. I checked various logs and there did not seem anything untoward as far as I could tell including the ones in /var/webmin. I checked Apache2 and WebMin are they both show as running. As does MYSQL.

I have had a knowledgeable friend of mine spend some time looking over the system and even he cannot find out why not. Even just typing the IP address of the server fails to bring up the Apache Ubuntu holding page which it did immediately after installing VirtualMin.

If I then uninstall VirtualMin using (sh install.sh --uninstall) and then reinstall I can once again gain access including displaying the server holding page. Reboot the server (either through GUI or command line) and same thing happens. I cannot obviously see any difference in services running or not.

I have seen some vague references to this behaviour elsewhere but none of the "fixes" appear to solve this. It would appear to be an VirtualMin problem with Apache but have no idea.

So asking to see if anyone has any ideas?

Thanks - John

Sun, 04/26/2015 - 17:27
lostandfound

I am no expert all but how are you accessing Virtualmin? I think by default it is https://xx.xxx.xx.xx:10000 . Do you get a response if you run "virtualmin info" on the command line? If yes then what does "virtualmin check-config" give you?

If you inspect the headers the page which had shown the Apache holding page does it give you an error, not found or forbidden?

Mon, 04/27/2015 - 10:03 (Reply to #2)
jxburns

I am using the IP:10000. This is not the first time I have used WebMin/VirtualMin but 1st time I have installed from the all-in-one installer. However the last time I installed WebMin then VirtualMin and rebooted I had exactly the same result at the time putting it down to something I had done wrong.

As for virtualmin info this is what I get

cpu: * 1 * 0 * 100 * 0 * 0 disk_free: 929582524416 disk_total: 982214553600 fcount: dir: 0 dns: 0 doms: 0 ftp: 0 logrotate: 0 mail: 0 mysql: 0 postgres: 0 spam: 0 ssl: 0 unix: 0 virus: 0 web: 0 webalizer: 0 webmin: 0 ftypes: * doms * dns * web * ssl * mail * dbs * users * aliases host: hostname: serverxxxxxxxxxxxxxxxxxxxxx.live-servers.net [hidden] module root: /usr/share/webmin/virtual-server os: Ubuntu Linux 14.04.2 root: /usr/share/webmin theme version: 9.0 virtualmin version: 4.16.gpl webmin version: 1.740 io: * 0 * 1 kernel: arch: x86_64 os: Linux version: 3.13.0-49-generic load: * 0.01 * 0.03 * 0.05 * 1600 * Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz * GenuineIntel * 6291456 * 4 maxquota: 0 mem: * 12172516 * 11200100 * 4000176 * 4000176 * 1019920 * procs: 145 progs: * * Operating system * Ubuntu Linux 14.04.2 * * Perl version * 5.018002 * * Path to Perl * /usr/bin/perl * * BIND version * 9.9.5 * * Postfix version * 2.11.0 * * Mail injection command * /usr/lib/sendmail -t * * Apache version * 2.4.7 * * PHP versions * 5.5.9 * * Webalizer version * 2.23-08 * * Logrotate version * 3.8.7 * * MySQL version * 5.5.43 * * ProFTPd version * 1.35 * * SpamAssassin version * 3.4.0 * * ClamAV version * 0.98.6 reboot: 0 status: * feature: web name: Apache Webserver status: 1 * feature: dns name: BIND DNS Server status: 1 * feature: mail name: Postfix Mail Server status: 1 * feature: dovecot name: Dovecot IMAP / POP3 Server status: 1 * feature: ftp name: ProFTPd FTP Server status: 0 * feature: sshd name: SSH Server status: 1 * feature: mysql name: MySQL Database Server status: 1

virtualmin check-config gives the following:

Your system has 11.61 GB of memory, which is at or above the Virtualmin recommended minimum of 256 MB.

BIND DNS server is installed, and the system is configured to use it.

Mail server Postfix is installed and configured.

Postfix can support per-domain outgoing IP addresses, but is not currently configured to do so. This can be setup in the Postfix Mailserver module.

Apache is installed.

The following PHP versions are available : 5.5.9 (/usr/bin/php5-cgi)

Webalizer is installed.

Apache is configured to host SSL websites.

MySQL is installed and running.

ProFTPd is installed.

Logrotate is installed.

SpamAssassin and Procmail are installed and configured for use.

ClamAV is installed and assumed to be running.

Plugin AWstats reporting is installed OK.

Plugin Protected web directories is installed OK.

Using network interface eth0 for virtual IPs.

Default IPv4 address for virtual servers is xxx.xxx.xxx.xxx. [hidden]

Default IP address is set to xxx.xxx.xxx.xxx, which matches the detected external address.

Both user and group quotas are enabled for home and email directories.

All commands needed to create and restore backups are installed.

The selected package management and update systems are installed OK.

OK

And the page reports taking too long to respond. The header however shows as 200 OK.

Thanks - John

Wed, 04/29/2015 - 09:01 (Reply to #3)
jxburns

I thought I would replicate the steps on a brand new VirtualBox session by installing Ububtu 14.04LTS first (to simulate the server build) and then the VirtualMin script. Needless to say that after rebooting everything works perfectly.

So perhaps there is something on the Ubuntu setup that is overwritten by the VirtualMin setup that, upon reboot, the server objects to. Does anyone else have any ideas of what I should be looking for.

This is on a FastHosts dedicated server if that helps.

Thanks - John

Wed, 04/29/2015 - 10:12
andreychek

Howdy,

Hmm -- does it correct that problem to manually restart Webmin?

You can do that with this command:

service webmin restart

If so, that may mean that Webmin isn't listed in the services to start at launch time, for some reason.

-Eric

Wed, 04/29/2015 - 10:21 (Reply to #5)
jxburns

No. Already tried that. Webmin does restart but does cure the problem.

In fact, after a server reboot

service webmin status

returns

Webmin (pid 2018) is running

(similary so does apache2)

So appears to be normal.

Rgds John

Wed, 04/29/2015 - 11:03
andreychek

Is there perhaps a firewall blocking access to your server?

You can determine that with this command:

iptables -L -n

Wed, 04/29/2015 - 16:12 (Reply to #7)
jxburns

As I mentioned the problem occurs after rebooting after installing VirtualMin. Before installing VirtualMin and immediately afterwards I have no problem accessing any of the system. I can't see it being a firewall problem unless VirtualMin is setting something unexpected.

Currently (with VirtualMin/holding page unobtainable) iptables -L -n reports:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22
DROP       all  --  0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0

Thanks - John

Wed, 04/29/2015 - 17:41
andreychek

Howdy,

Ah, it looks like you have a firewall that is dropping everything except for SSH traffic on port 22.

My recommendation would be to disable the firewall on your server, that should resolve the issue you're experiencing.

-Eric

Wed, 04/29/2015 - 18:35 (Reply to #9)
jxburns

That was after a server reboot after installing VirtualMin. Before rebooting (and with VirtualMin running OK) it was reporting this which I now see has lots of relevant ports open.

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:53
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:20000
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:10000
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:443
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:80
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:993
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:143
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:995
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:110
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:20
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:21
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:53
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:587
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:25
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22


Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

UFW was not running as you can see.

After rebooting the server, and proving VirtualMin no longer working, I then ran

iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -F

to clear the firewall rules and voila, the system working albeit without any firewall.

I then rebooted. Immediately after booting I regained access to the terminal. Logged in and checked the firewall and saw what I expected:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

But no access to VirtualMin. Then checked the firewall again and this time it reported:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22
DROP       all  --  0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0

Somehow the server boot process starts off with a firewall that is as it was just before the reboot only to be overrideen with one just allowing access using SSH. I am now wondering if the hosting company have done something to ensure the server is firewalled by default (whereas an Ubuntu install normally leaves everything open) and their iptables is being installed by default from some location I have yet to find in a startup script.

Thanks for the suggestions. This is leading me somewhere as they are not telling me a lot yet about how they set up Ubuntu so ammunition to go back to them with.

Rgds John

Wed, 04/29/2015 - 20:58
Diabolico
Diabolico's picture

Why just dont rebuild your server with fresh Ubuntu? Should not take more than few minutes.

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.

Wed, 04/29/2015 - 22:18
andreychek

Howdy,

Are you using any software that could be adding a firewall?

The process of installing Virtualmin does open holes in a firewall.

However, if there's other software that had been installed that's re-configuring the firewall afterwards, that could be causing the problem you're seeing.

You could always show us the process list from your server, you can get that by running "ps auxw".

-Eric

Thu, 04/30/2015 - 02:02 (Reply to #12)
jxburns

a) I have already revuilt the server but the only options I have are to use the images provided by the hosting company. I have already asked them what they do other than use a standard image which may reveal all.

b) I am not installing anything, other than VirtualMin, once the server has been rebuilt.

Processes post rebuild/virtualmin installed/rebooted:

USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.0  33464  2764 ?        Ss   00:11   0:01 /sbin/init
root         2  0.0  0.0      0     0 ?        S    00:11   0:00 [kthreadd]
root         3  0.0  0.0      0     0 ?        S    00:11   0:00 [ksoftirqd/0]
root         5  0.0  0.0      0     0 ?        S<   00:11   0:00 [kworker/0:0H]
root         7  0.0  0.0      0     0 ?        S    00:11   0:08 [rcu_sched]
root         8  0.0  0.0      0     0 ?        S    00:11   0:07 [rcuos/0]
root         9  0.0  0.0      0     0 ?        S    00:11   0:02 [rcuos/1]
root        10  0.0  0.0      0     0 ?        S    00:11   0:04 [rcuos/2]
root        11  0.0  0.0      0     0 ?        S    00:11   0:03 [rcuos/3]
root        12  0.0  0.0      0     0 ?        S    00:11   0:00 [rcu_bh]
root        13  0.0  0.0      0     0 ?        S    00:11   0:00 [rcuob/0]
root        14  0.0  0.0      0     0 ?        S    00:11   0:00 [rcuob/1]
root        15  0.0  0.0      0     0 ?        S    00:11   0:00 [rcuob/2]
root        16  0.0  0.0      0     0 ?        S    00:11   0:00 [rcuob/3]
root        17  0.0  0.0      0     0 ?        S    00:11   0:00 [migration/0]
root        18  0.0  0.0      0     0 ?        S    00:11   0:00 [watchdog/0]
root        19  0.0  0.0      0     0 ?        S    00:11   0:00 [watchdog/1]
root        20  0.0  0.0      0     0 ?        S    00:11   0:00 [migration/1]
root        21  0.0  0.0      0     0 ?        S    00:11   0:00 [ksoftirqd/1]
root        23  0.0  0.0      0     0 ?        S<   00:11   0:00 [kworker/1:0H]
root        24  0.0  0.0      0     0 ?        S    00:11   0:00 [watchdog/2]
root        25  0.0  0.0      0     0 ?        S    00:11   0:00 [migration/2]
root        26  0.0  0.0      0     0 ?        S    00:11   0:00 [ksoftirqd/2]
root        27  0.0  0.0      0     0 ?        S    00:11   0:00 [kworker/2:0]
root        28  0.0  0.0      0     0 ?        S<   00:11   0:00 [kworker/2:0H]
root        29  0.0  0.0      0     0 ?        S    00:11   0:00 [watchdog/3]
root        30  0.0  0.0      0     0 ?        S    00:11   0:00 [migration/3]
root        31  0.0  0.0      0     0 ?        S    00:11   0:00 [ksoftirqd/3]
root        32  0.0  0.0      0     0 ?        S    00:11   0:00 [kworker/3:0]
root        33  0.0  0.0      0     0 ?        S<   00:11   0:00 [kworker/3:0H]
root        34  0.0  0.0      0     0 ?        S<   00:11   0:00 [khelper]
root        35  0.0  0.0      0     0 ?        S    00:11   0:00 [kdevtmpfs]
root        36  0.0  0.0      0     0 ?        S<   00:11   0:00 [netns]
root        37  0.0  0.0      0     0 ?        S<   00:11   0:00 [writeback]
root        38  0.0  0.0      0     0 ?        S<   00:11   0:00 [kintegrityd]
root        39  0.0  0.0      0     0 ?        S<   00:11   0:00 [bioset]
root        41  0.0  0.0      0     0 ?        S<   00:11   0:00 [kblockd]
root        42  0.0  0.0      0     0 ?        S<   00:11   0:00 [ata_sff]
root        43  0.0  0.0      0     0 ?        S    00:11   0:00 [khubd]
root        44  0.0  0.0      0     0 ?        S<   00:11   0:00 [md]
root        45  0.0  0.0      0     0 ?        S<   00:11   0:00 [devfreq_wq]
root        46  0.0  0.0      0     0 ?        S    00:11   0:01 [kworker/0:1]
root        48  0.0  0.0      0     0 ?        S    00:11   0:00 [khungtaskd]
root        49  0.0  0.0      0     0 ?        S    00:11   0:00 [kswapd0]
root        50  0.0  0.0      0     0 ?        SN   00:11   0:00 [ksmd]
root        51  0.0  0.0      0     0 ?        SN   00:11   0:00 [khugepaged]
root        52  0.0  0.0      0     0 ?        S    00:11   0:00 [fsnotify_mark]
root        53  0.0  0.0      0     0 ?        S    00:11   0:00 [ecryptfs-kthrea]
root        54  0.0  0.0      0     0 ?        S<   00:11   0:00 [crypto]
root        66  0.0  0.0      0     0 ?        S<   00:11   0:00 [kthrotld]
root        67  0.0  0.0      0     0 ?        S    00:11   0:00 [kworker/u8:1]
root        68  0.0  0.0      0     0 ?        S    00:11   0:01 [kworker/3:1]
root        87  0.0  0.0      0     0 ?        S<   00:12   0:00 [deferwq]
root        88  0.0  0.0      0     0 ?        S<   00:12   0:00 [charger_manager]
root       144  0.0  0.0      0     0 ?        S<   00:12   0:00 [kpsmoused]
root       145  0.0  0.0      0     0 ?        S    00:12   0:00 [scsi_eh_0]
root       146  0.0  0.0      0     0 ?        S    00:12   0:00 [scsi_eh_1]
root       147  0.0  0.0      0     0 ?        S    00:12   0:00 [scsi_eh_2]
root       148  0.0  0.0      0     0 ?        S    00:12   0:00 [scsi_eh_3]
root       149  0.0  0.0      0     0 ?        S    00:12   0:00 [scsi_eh_4]
root       150  0.0  0.0      0     0 ?        S    00:12   0:00 [scsi_eh_5]
root       158  0.0  0.0      0     0 ?        S<   00:12   0:00 [raid5wq]
root       178  0.0  0.0      0     0 ?        S    00:12   0:00 [kworker/1:1]
root       180  0.0  0.0      0     0 ?        S    00:12   0:02 [kworker/2:1]
root       189  0.0  0.0      0     0 ?        S<   00:12   0:00 [bioset]
root       190  0.0  0.0      0     0 ?        S    00:12   0:00 [md0_raid1]
root       194  0.0  0.0      0     0 ?        S<   00:12   0:00 [bioset]
root       195  0.0  0.0      0     0 ?        S    00:12   0:01 [md1_raid1]
root       203  0.0  0.0      0     0 ?        S<   00:12   0:00 [kdmflush]
root       204  0.0  0.0      0     0 ?        S<   00:12   0:00 [bioset]
root       216  0.0  0.0      0     0 ?        S    00:12   0:00 [jbd2/dm-0-8]
root       217  0.0  0.0      0     0 ?        S<   00:12   0:00 [ext4-rsv-conver]
root       344  0.0  0.0  19604   912 ?        S    00:12   0:00 upstart-udev-bridge --daemon
root       348  0.0  0.0  51212  1540 ?        Ss   00:12   0:00 /lib/systemd/systemd-udevd --daemon
root       386  0.0  0.0      0     0 ?        S    00:12   0:00 [irq/44-mei_me]
root       418  0.0  0.0      0     0 ?        S<   00:12   0:00 [kvm-irqfd-clean]
root       474  0.0  0.0  15256   628 ?        S    00:12   0:00 upstart-socket-bridge --daemon
root       504  0.0  0.0      0     0 ?        S<   00:12   0:00 [hd-audio0]
root       673  0.0  0.0      0     0 ?        S    00:12   0:00 [jbd2/md0-8]
root       674  0.0  0.0      0     0 ?        S<   00:12   0:00 [ext4-rsv-conver]
message+   737  0.0  0.0  39212  1248 ?        Ss   00:12   0:00 dbus-daemon --system --fork
root       753  0.0  0.0  15272   628 ?        S    00:12   0:00 upstart-file-bridge --daemon
syslog     756  0.0  0.0 255840  4268 ?        Ssl  00:12   0:02 rsyslogd
root       803  0.0  0.0  43448  1844 ?        Ss   00:12   0:00 /lib/systemd/systemd-logind
root       891  0.0  0.0  15816   960 tty4     Ss+  00:12   0:00 /sbin/getty -8 38400 tty4
root       893  0.0  0.0  15816   960 tty5     Ss+  00:12   0:00 /sbin/getty -8 38400 tty5
root       897  0.0  0.0  15816   960 tty2     Ss+  00:12   0:00 /sbin/getty -8 38400 tty2
root       898  0.0  0.0  15816   960 tty3     Ss+  00:12   0:00 /sbin/getty -8 38400 tty3
root       902  0.0  0.0  15816   952 tty6     Ss+  00:12   0:00 /sbin/getty -8 38400 tty6
root       914  0.0  0.0  14992  1036 ?        Ss   00:12   0:00 /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
root       928  0.0  0.0  61364  3072 ?        Ss   00:12   0:01 /usr/sbin/sshd -D
root       936  0.0  0.0  22000  1600 ?        Ss   00:12   0:00 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf
root       968  0.0  0.0  23652  1040 ?        Ss   00:12   0:00 cron
root       970  0.0  0.0  19184   756 ?        Ss   00:12   0:01 /usr/sbin/irqbalance
mysql      977  0.0  0.9 877792 120168 ?       Ssl  00:12   0:10 /usr/sbin/mysqld
bind       984  0.0  0.2 400964 31352 ?        Ssl  00:12   0:02 /usr/sbin/named -u bind
dovecot    997  0.0  0.0   9280   960 ?        S    00:12   0:00 dovecot/anvil
root       998  0.0  0.0   9408  1156 ?        S    00:12   0:00 dovecot/log
root      1002  0.0  0.0  18600  2104 ?        S    00:12   0:00 dovecot/config
root      1040  0.0  0.5 137784 64740 ?        Ss   00:12   0:03 /usr/sbin/spamd --create-prefs --max-children 5 --helper-home-dir -d --pidfile=/var/run/spamd.pid
root      1134  0.0  0.5 137784 62864 ?        S    00:12   0:00 spamd child
root      1135  0.0  0.5 137784 62888 ?        S    00:12   0:00 spamd child
root      1489  0.0  0.0      0     0 ?        S    00:12   0:00 [kauditd]
clamav    1519  0.0  2.6 446624 321008 ?       Ssl  00:12   0:12 /usr/sbin/clamd
clamav    1637  0.0  0.0  54640  2860 ?        Ss   00:12   0:17 /usr/bin/freshclam -d --quiet
root      1758  0.0  0.0  25340  1696 ?        Ss   00:12   0:00 /usr/lib/postfix/master
postfix   1764  0.0  0.0  27456  1572 ?        S    00:12   0:00 qmgr -l -t unix -u
root      1796  0.0  0.0  82640  1076 ?        Ss   00:12   0:00 /usr/sbin/saslauthd -a pam -m /var/spool/postfix/var/run/saslauthd -r -n 5
root      1797  0.0  0.0  82640   752 ?        S    00:12   0:00 /usr/sbin/saslauthd -a pam -m /var/spool/postfix/var/run/saslauthd -r -n 5
root      1798  0.0  0.0  82640   752 ?        S    00:12   0:00 /usr/sbin/saslauthd -a pam -m /var/spool/postfix/var/run/saslauthd -r -n 5
root      1799  0.0  0.0  82640   752 ?        S    00:12   0:00 /usr/sbin/saslauthd -a pam -m /var/spool/postfix/var/run/saslauthd -r -n 5
root      1800  0.0  0.0  82640   752 ?        S    00:12   0:00 /usr/sbin/saslauthd -a pam -m /var/spool/postfix/var/run/saslauthd -r -n 5
snmp      1822  0.0  0.0  45736  3852 ?        S    00:12   0:07 /usr/sbin/snmpd -Lsd -Lf /dev/null -u snmp -g snmp -I -smux mteTrigger mteTriggerConf -p /var/run/snmpd.pid
root      1836  0.0  0.1  76676 18964 ?        Ss   00:12   0:00 /usr/bin/perl /usr/share/usermin/miniserv.pl /etc/usermin/miniserv.conf
root      1852  0.0  0.0  13396   704 ?        Ss   00:12   0:00 /sbin/mdadm --monitor --pid-file /run/mdadm/monitor.pid --daemonise --scan --syslog
proftpd   1878  0.0  0.0 114072  2432 ?        Ss   00:12   0:00 proftpd: (accepting connections)
root      1940  0.0  0.1 332656 17712 ?        Ss   00:12   0:00 /usr/sbin/apache2 -k start
www-data  1943  0.0  0.0 161800  3328 ?        S    00:12   0:00 /usr/sbin/apache2 -k start
www-data  1945  0.0  0.0 332688  6688 ?        S    00:12   0:00 /usr/sbin/apache2 -k start
www-data  1946  0.0  0.0 332688  6688 ?        S    00:12   0:00 /usr/sbin/apache2 -k start
www-data  1947  0.0  0.0 332688  6688 ?        S    00:12   0:00 /usr/sbin/apache2 -k start
www-data  1948  0.0  0.0 332688  6688 ?        S    00:12   0:00 /usr/sbin/apache2 -k start
www-data  1949  0.0  0.0 332688  6688 ?        S    00:12   0:00 /usr/sbin/apache2 -k start
root      1965  0.0  0.5  92044 63208 ?        Ss   00:12   0:00 /usr/share/webmin/virtual-server/lookup-domain-daemon.pl
postgres  1995  0.0  0.1 247764 16220 ?        S    00:12   0:00 /usr/lib/postgresql/9.3/bin/postgres -D /var/lib/postgresql/9.3/main -c config_file=/etc/postgresql/9.3/main/postgresql.conf
postgres  1997  0.0  0.0 247764  1880 ?        Ss   00:12   0:00 postgres: checkpointer process
postgres  1998  0.0  0.0 247764  2676 ?        Ss   00:12   0:00 postgres: writer process
postgres  1999  0.0  0.0 247764  1672 ?        Ss   00:12   0:00 postgres: wal writer process
postgres  2000  0.0  0.0 248624  3028 ?        Ss   00:12   0:00 postgres: autovacuum launcher process
postgres  2001  0.0  0.0 103576  1812 ?        Ss   00:12   0:00 postgres: stats collector process
root      2052  0.0  0.1  80904 19108 ?        Ss   00:12   0:00 /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
root      2058  0.0  0.0  15816   960 tty1     Ss+  00:12   0:00 /sbin/getty -8 38400 tty1
root      2394  0.0  0.0      0     0 ?        S    00:22   0:00 [kworker/0:0]
root      3319  0.0  0.0      0     0 ?        S    00:43   0:00 [kworker/u8:2]
root      4839  0.0  0.0      0     0 ?        S    01:01   0:00 [kworker/1:2]
root      4971  0.1  0.0 105628  4632 ?        Ss   07:49   0:00 sshd: root@pts/2
root      4989  0.2  0.0  23056  4176 pts/2    Ss   07:49   0:00 -bash
root      5002  0.0  0.0  18452  1312 pts/2    R+   07:49   0:00 ps auxw
root     19566  0.0  0.0      0     0 ?        S<   06:22   0:00 [kworker/u9:2]
postfix  20709  0.0  0.0  27404  1540 ?        S    06:52   0:00 pickup -l -t unix -u -c
root     20964  0.0  0.0      0     0 ?        S<   06:58   0:00 [kworker/u9:0]
root     27996  0.0  0.0      0     0 ?        S<   06:59   0:00 [xfsalloc]
root     27997  0.0  0.0      0     0 ?        S<   06:59   0:00 [xfs_mru_cache]
root     27998  0.0  0.0      0     0 ?        S<   06:59   0:00 [xfslogd]
root     28004  0.0  0.0      0     0 ?        S    06:59   0:00 [jfsIO]
root     28005  0.0  0.0      0     0 ?        S    06:59   0:00 [jfsCommit]
root     28006  0.0  0.0      0     0 ?        S    06:59   0:00 [jfsCommit]
root     28007  0.0  0.0      0     0 ?        S    06:59   0:00 [jfsCommit]
root     28008  0.0  0.0      0     0 ?        S    06:59   0:00 [jfsCommit]
root     28009  0.0  0.0      0     0 ?        S    06:59   0:00 [jfsSync]
root     28028  0.0  0.0      0     0 ?        S<   06:59   0:00 [bioset]

Appreciate the ongoing suggestions/help. I am sure at the end it will turn out to be something simple.

Rgds John

Thu, 04/30/2015 - 09:55
andreychek

Hmm, I actually don't see anything there that would be configuring a firewall.

You could always talk to your provider and see if they know what might be adding that (if you didn't already, you may have).

However, while this is a bit "hack-ish", just to help you for the time being, you could always add those commands you used earlier to clear the firewall to your startup scripts.

That is, in /etc/rc.local, you could add these lines:

iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -F

That rc.local file runs after everything else launches during the bootup process, so whatever it is that's adding the firewall, those lines to clear it should run later.

And then you could start tinkering with the rest of your system in the meantime, and can deal with the firewall issue some other time :-)

Thu, 04/30/2015 - 09:58
andreychek

Also, once you get that working -- you might want to double-check in Webmin -> Network Configuration -> Linux Firewall, that you don't see a firewall configured in there.

If you do, you may want to disable it.

-Eric

Thu, 04/30/2015 - 10:07 (Reply to #15)
jxburns

Great. Thanks for the advice.

I am talking to the hosting company as they have told me that if I place rules in /etc/network/firewall it will use them. However there is nothing there at the moment but still they are being overwritten at server boot up. Obviously I don't want it to be open except for the bare minimum but now you have told me where to look will see if I can do something temporary.

And noted re WebMin firewall.

Will get back to you once I have managed to progress things.

Rgds John

Fri, 05/01/2015 - 03:15 (Reply to #16)
jxburns

The comment regarding rc.local gave me the clue to what is going on.

The only line in there was a call to another script (/etc/sysconfig/firewall) which (surprise surprise) had all the offending firewall rules in it overwriting the VirtualMin versions.

When I contacted the hosting company (FastHosts) they revealed this is something they do to protect the server after a rebuild until the customer can alter to their own requirements. Unfortunately they don't tell anyone. I have requested they add to their KB articles or at least to the email they send out telling the customer the server is ready.

So thanks to all for your help. I am rebuilding the server again ready to install VirtualMin so I know it is clean of all the half hearted attempts I made at changing things.

John

Topic locked