Can Webmin take control of iptables and apply its own rules?

3 posts / 0 new
Last post
#1 Wed, 07/13/2016 - 07:49

Can Webmin take control of iptables and apply its own rules?

I have a CentOS server with NGINX as the webserver and HHVM for PHP.

I'm having an issue where some requests from an external server are "going missing". The external party claims they are being sent and are rejected by our server. From my perspective, I cannot even see the requests hitting the server, i.e. there is no record of them in the syslogs, nginx logs or hhvm logs, which there always is for every received request via this service.

My first thought was the firewall, but having checked, there are no rules whatsoever configured in iptables and firewalld is not running.

I contacted the VPS provider and they have advised that Webmin could be dropping the packets because "Webmin can initiate blocks via iptables if it feels like it". I've also been told that there won't be any logs recording these actions because "Webmin locks itself down".

This sounds bizarre to me; I don't see why Webmin would secretly apply rules in iptables without user intervention and without any of the rules appearing in the tables or save file etc.

Admittedly my experience with Webmin and iptables is not extensive so I am looking for some confirmation before pushing the issue further.

Wed, 07/13/2016 - 17:01
Diabolico's picture

This is not true. If you had installed a software like fail2ban that will be different situation but i never saw Wmin dropping connections. What could be the reason is port not open on iptables or software is not listening on specific port(s).

Without more info its hard to say what is going on, what type of request is sending the other server and so on... But i see you have installed nginx and hhvm so i would start there to check for problems.

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.

Thu, 07/14/2016 - 05:09

Thanks, I was pretty sure Webmin would not be responsible. Now that I know for sure I can focus my efforts elsewhere!

Topic locked