[GLLUG] Anyone know how webmin does its dirty work?

Jan Henkins jan at henkins.za.net
Sat Dec 29 18:00:41 UTC 2012


Hello John, 

That is a permit-all policy, so the problem is most likely elsewhere. Please have a look at the interfaces file. For testing purposes, rename or remove that rules file and see if your problem goes away, but double-check your interfaces file too. It is entirely possible that Webmin made some changes there.

In defence of Webmin, it is a great tool. Having said that, please take time to get to know it properly, because it gives you a lot of power without restrictions. Therefore it is indeed possible to bork your system comprehensively with absolute ease and style...  :-) 


John Winters <john at sinodun.org.uk> wrote:

>Wanting a quick firewall setup on a Thecus N2100 (headless ARM box,
>running Debian Wheezy), I made the mistake of installing webmin.  I
>created an initial firewall configuration with everything set to ACCEPT,
>but didn't activate it.  I then stopped for the day, and the next time I
>booted, neither NIC would respond to any kind of incoming traffic.
>
>I'm now trying to recover the box, but I'm struggling to work out where
>exactly webmin has done the damage.  (I can remove the HDD and mount it
>in another machine, but I have no serial console for the Thecus, nor do
>I have the parts here to make one.)  I'm getting bored moving the HDD
>backwards and forwards.
>
>I've found a file which webmin seems to have created:
>
>/etc/iptables.up.rules
>
># Generated by iptables-save v1.4.14 on Mon Dec 24 21:08:49 2012
>*nat
>:INPUT ACCEPT [0:0]
>:PREROUTING ACCEPT [0:0]
>:OUTPUT ACCEPT [0:0]
>:POSTROUTING ACCEPT [0:0]
>-A POSTROUTING -o eth0 -j MASQUERADE
>COMMIT
># Completed on Mon Dec 24 21:08:49 2012
># Generated by iptables-save v1.4.14 on Mon Dec 24 21:08:49 2012
>*mangle
>:PREROUTING ACCEPT [356:23831]
>:INPUT ACCEPT [354:23725]
>:FORWARD ACCEPT [0:0]
>:OUTPUT ACCEPT [328:136147]
>:POSTROUTING ACCEPT [328:136147]
>COMMIT
># Completed on Mon Dec 24 21:08:49 2012
># Generated by iptables-save v1.4.14 on Mon Dec 24 21:08:49 2012
>*filter
>:INPUT ACCEPT [1429:98896]
>:FORWARD ACCEPT [0:0]
>:OUTPUT ACCEPT [1412:498738]
>COMMIT
># Completed on Mon Dec 24 21:08:49 2012
>
>but I've yet to find either a) the invocation of iptables-save which
>created this, or b) the invocation of iptables-restore which later loads
>it.  Nor does it seem to me to contain anything which would do the
>damage.
>
>I've tried putting:
>
>iptables -F
>iptables -P INPUT ACCEPT
>iptables -P FORWARD ACCEPT
>iptables -P OUTPUT ACCEPT
>
>at the end of /etc/rc.local but without making any difference.
>
>The box boots fine, but I can't uninstall webmin until I can find a way
>to communicate with it once it's booted.
>
>Any suggestions?
>
>John
>
>P.S.  Apologies if I'm being very stupid.  I've been laid up for the 
>last week and my brain isn't really going again yet.

-- 
Regards, 
Jan Henkins 
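
The two checks suggested in this thread (is the rules file really permit-all, and where is iptables-restore invoked), written as an added example that is not part of either message. It runs against the root filesystem of the removed HDD mounted on another machine; the list of search paths, the mount point and the sample `pre-up` stanza are assumptions, and the sample files are constructed.

```shell
#!/bin/sh
# Added example: offline audit of a root filesystem mounted at $1.

# List uncommented iptables-restore / iptables-save calls in places Debian
# runs at boot or interface bring-up (the path list is an assumption).
find_firewall_hooks() {
    for p in etc/network etc/rc.local etc/init.d; do
        if [ -e "$1/$p" ]; then
            grep -rnHE '^[^#]*iptables-(restore|save)' "$1/$p" || true
        fi
    done
}

# Return 0 if the iptables-save dump $1 cannot discard packets: every built-in
# chain policy is ACCEPT and no rule targets DROP or REJECT. Otherwise print
# the offending lines, prefixed with their table, and return 1.
rules_permit_all() {
    awk '
        /^\*/ { table = substr($0, 2) }
        /^:/ && $2 != "ACCEPT" && $2 != "-" { print table ": " $0; bad = 1 }
        /^-A / && / -j (DROP|REJECT)( |$)/  { print table ": " $0; bad = 1 }
        END { exit bad + 0 }
    ' "$1"
}

# Build a constructed sample root: the filter table from the thread plus a
# hypothetical interfaces stanza with a pre-up hook. Prints the directory.
make_sample_root() {
    d=$(mktemp -d) && mkdir -p "$d/etc/network" || return 1
    printf '%s\n' 'auto eth0' 'iface eth0 inet dhcp' \
        '    pre-up iptables-restore < /etc/iptables.up.rules' \
        > "$d/etc/network/interfaces"
    printf '%s\n' '*filter' ':INPUT ACCEPT [1429:98896]' \
        ':FORWARD ACCEPT [0:0]' ':OUTPUT ACCEPT [1412:498738]' 'COMMIT' \
        > "$d/etc/iptables.up.rules"
    echo "$d"
}

# Usage: sh audit.sh /mnt/thecus   (the mount point is an assumption)
if [ "$#" -gt 0 ]; then
    find_firewall_hooks "$1"
    rules_permit_all "$1/etc/iptables.up.rules" && echo "rules file is permit-all"
fi
```

If the rules file passes and no hook turns up, the next place to look is the rest of the interfaces file (addresses, `auto` lines, other `pre-up`/`post-up` commands), since a permit-all ruleset cannot by itself block incoming traffic.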