From: Joaquim H. <jo...@we...> - 2022-06-08 09:44:45
It seems like Webmin has some "issues" handling regular Linux IPTables on Ubuntu 22.04 LTS. This is using the "modern theme". I haven't checked with the other theme.

It correctly says its "config file" is "IPv4 Firewall, rules file /etc/webmin/firewall/iptables.save". Then it defaults to showing "nat". Which, according to Webmin, has all the rules. But that's not what the file says. Then I switch to "filter", and it's all empty.

The "config file" looks like this:

    # Generated by iptables-save v1.8.7 on Wed Jun 8 09:37:04 2022
    *mangle
    :PREROUTING ACCEPT [23139:7366124]
    :INPUT ACCEPT [22982:7356709]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [898:314300]
    :POSTROUTING ACCEPT [898:314300]
    COMMIT
    # Completed on Wed Jun 8 09:37:04 2022
    # Generated by iptables-save v1.8.7 on Wed Jun 8 09:37:04 2022
    *nat
    :PREROUTING ACCEPT [22298:7258691]
    :INPUT ACCEPT [21709:6939453]
    :OUTPUT ACCEPT [898:314300]
    :POSTROUTING ACCEPT [2:211]
    COMMIT
    # Completed on Wed Jun 8 09:37:04 2022
    # Generated by iptables-save v1.8.7 on Wed Jun 8 09:37:04 2022
    *filter
    :INPUT DROP [20829:6829628]
    :OUTPUT ACCEPT [2:211]
    -A INPUT ! -i ens1 -j ACCEPT
    -A INPUT -p tcp -m tcp --tcp-flags ACK ACK -j ACCEPT
    -A INPUT -m state --state ESTABLISHED -j ACCEPT
    -A INPUT -m state --state RELATED -j ACCEPT
    -A INPUT -p udp -m udp --sport 53 --dport 1024:65535 -j ACCEPT
    -A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
    -A INPUT -p icmp -m icmp --icmp-type 3 -j ACCEPT
    -A INPUT -p icmp -m icmp --icmp-type 4 -j ACCEPT
    -A INPUT -p icmp -m icmp --icmp-type 11 -j ACCEPT
    -A INPUT -p icmp -m icmp --icmp-type 12 -j ACCEPT
    -A INPUT -p tcp -m tcp --dport 2222 -j ACCEPT
    -A INPUT -p tcp -m tcp --dport 113 -j ACCEPT
    -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
    -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
    -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
    -A INPUT -p tcp -m tcp --dport 20:21 -j ACCEPT
    -A INPUT -p tcp -m tcp --dport 10000:10010 -j ACCEPT
    COMMIT
    # Completed on Wed Jun 8 09:37:04 2022

Applying the configuration doesn't make a difference. If I instead do a manual iptables-restore, with the same file, and then "revert configuration" in Webmin, all is fine.

-joho
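An added example, not part of the original post and not Webmin's code: a small parser for the iptables-save format that reports, per table, the chain policies and the number of rules, so the contents of a rules file can be checked independently of what a management UI displays. The sample input is constructed (abbreviated from the dump in the post), and the function names are hypothetical.

```python
import re
import sys

# Constructed sample, abbreviated from the dump quoted in the post.
SAMPLE = """\
# Generated by iptables-save v1.8.7 on Wed Jun 8 09:37:04 2022
*nat
:PREROUTING ACCEPT [22298:7258691]
:POSTROUTING ACCEPT [2:211]
COMMIT
*filter
:INPUT DROP [20829:6829628]
:OUTPUT ACCEPT [2:211]
-A INPUT ! -i ens1 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2222 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
COMMIT
"""
# ":CHAIN POLICY [packets:bytes]"; the counters are optional.
CHAIN_RE = re.compile(r"^:(\S+)\s+(\S+)(?:\s+\[\d+:\d+\])?$")

def parse_save(text):
    """Return {table: {"policies": {chain: policy}, "rules": [line, ...]}}."""
    tables, current = {}, None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # blank line or comment
        if line.startswith("*"):          # "*filter" opens a table block
            current = tables.setdefault(line[1:], {"policies": {}, "rules": []})
        elif line == "COMMIT":            # closes the current table block
            current = None
        elif current is None:
            raise ValueError(f"line {lineno}: content outside a *table block")
        elif (m := CHAIN_RE.match(line)):
            current["policies"][m.group(1)] = m.group(2)
        elif line.startswith(("-", "[")):  # rule, optionally with [pkts:bytes]
            current["rules"].append(line)
        else:
            raise ValueError(f"line {lineno}: unrecognised line {line!r}")
    return tables

def rule_counts(text):
    """Map each table name to the number of rules it holds."""
    return {name: len(t["rules"]) for name, t in parse_save(text).items()}

if __name__ == "__main__":
    # With a path argument, summarise that file; otherwise use SAMPLE.
    data = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for name, t in parse_save(data).items():
        print(f"{name}: policies={t['policies']} rules={len(t['rules'])}")
```

Run against the rules file and against the output of `iptables-save`, a difference in which table holds the rules shows whether the file or the tool reading it is at fault.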