Port 443 (Webserver SSL) seems NOT to be listening

Discussion in 'Installation/Configuration' started by yasine, Nov 19, 2024 at 7:00 PM.

  1. yasine

    yasine Member

    I've installed ISPConfig on a brand new server, and I updated it before I even got access to the URL, using:
    Code:
    ispconfig_update.sh --force
    During the update, I changed the port from 8080 to 433, because I want to access host.domain.com directly, without :8080,
    but it did not work. The autoinstaller works great; I think the problem happened only when I tried to change the port from 8080 to 433 during the SSL ISPConfig update. Since then the problem occurs, and I can no longer access host.domain.com:8080/login or host.domain.com:433/login.
    Here is the server report:

    Code:
    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    [WARN] could not determine server's ip address by ifconfig
    [INFO] OS version is Debian GNU/Linux 12 (bookworm)
    
    [INFO] uptime:  17:39:23 up  1:13,  1 user,  load average: 0.00, 0.00, 0.00
    
    [INFO] memory:
                   total        used        free      shared  buff/cache   available
    Mem:            31Gi       2.8Gi        26Gi        58Mi       2.7Gi        28Gi
    Swap:          8.0Gi          0B       8.0Gi
    
    [INFO] systemd failed services status:
      UNIT LOAD ACTIVE SUB DESCRIPTION
    0 loaded units listed.
    
    [INFO] ISPConfig is installed.
    
    ##### ISPCONFIG #####
    ISPConfig version is 3.2.12p1
    
    
    ##### VERSION CHECK #####
    
    [INFO] php (cli) version is 8.2.25
    [INFO] php-cgi (used for cgi php in default vhost!) is version 8.2.25
    
    ##### PORT CHECK #####
    
    [WARN] Port 443 (Webserver SSL) seems NOT to be listening
    
    ##### MAIL SERVER CHECK #####
    
    [WARN] I found no "smtps" entry in your postfix master.cf
    [INFO] this is not critical, but if you want to offer SSL for smtp (not TLS) connections you have to enable this.
    
    ##### RUNNING SERVER PROCESSES #####
    
    [INFO] I found the following web server(s):
            Unknown process (nginx:) (PID 205807)
    [INFO] I found the following mail server(s):
            Postfix (PID 344503)
    [INFO] I found the following pop3 server(s):
            Dovecot (PID 344526)
    [INFO] I found the following imap server(s):
            Dovecot (PID 344526)
    [INFO] I found the following ftp server(s):
            PureFTP (PID 344578)
    
    ##### LISTENING PORTS #####
    (only           ()
    Local           (Address)
    [localhost]:6379                (34194/redis-server)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    [localhost]:953         (344584/named)
    [localhost]:953         (344584/named)
    [localhost]:953         (344584/named)
    [localhost]:953         (344584/named)
    [localhost]:953         (344584/named)
    [localhost]:953         (344584/named)
    [localhost]:953         (344584/named)
    [localhost]:953         (344584/named)
    [localhost]:953         (344584/named)
    [localhost]:953         (344584/named)
    [localhost]:953         (344584/named)
    [localhost]:953         (344584/named)
    [localhost]:53          (344584/named)
    [localhost]:53          (344584/named)
    [localhost]:53          (344584/named)
    [localhost]:53          (344584/named)
    [localhost]:53          (344584/named)
    [localhost]:53          (344584/named)
    [localhost]:53          (344584/named)
    [localhost]:53          (344584/named)
    [localhost]:53          (344584/named)
    [localhost]:53          (344584/named)
    [localhost]:53          (344584/named)
    [localhost]:53          (344584/named)
    [anywhere]:4190         (344526/dovecot)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    ***.***.***.***:53              (344584/named)
    [anywhere]:8080         (205807/nginx:)
    [anywhere]:8081         (205807/nginx:)
    [localhost]:11211               (159571/memcached)
    [anywhere]:993          (344526/dovecot)
    [anywhere]:995          (344526/dovecot)
    [anywhere]:587          (344503/master)
    [anywhere]:465          (344503/master)
    [anywhere]:25           (344503/master)
    [anywhere]:21           (344578/pure-ftpd)
    [anywhere]:22           (1245/sshd:)
    [anywhere]:80           (205807/nginx:)
    [anywhere]:110          (344526/dovecot)
    [anywhere]:143          (344526/dovecot)
    [localhost]:11332               (344511/rspamd:)
    [localhost]:11333               (344511/rspamd:)
    [localhost]:11334               (344511/rspamd:)
    [localhost]:10023               (34582/postgrey)
    [anywhere]:3306         (344114/mariadbd)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:11333                (344511/rspamd:)
    *:*:*:*::*:11332                (344511/rspamd:)
    *:*:*:*::*:11334                (344511/rspamd:)
    *:*:*:*::*:10023                (34582/postgrey)
    *:*:*:*::*:6379         (34194/redis-server)
    *:*:*:*::*:4190         (344526/dovecot)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*3eec:efff:feb9:53             (344584/named)
    *:*:*:*::*:8080         (205807/nginx:)
    *:*:*:*::*:8081         (205807/nginx:)
    *:*:*:*::*:993          (344526/dovecot)
    *:*:*:*::*:995          (344526/dovecot)
    *:*:*:*::*:587          (344503/master)
    *:*:*:*::*:465          (344503/master)
    *:*:*:*::*:25           (344503/master)
    *:*:*:*::*:21           (344578/pure-ftpd)
    *:*:*:*::*:22           (1245/sshd:)
    *:*:*:*::*:80           (205807/nginx:)
    [localhost]10           (344526/dovecot)
    [localhost]43           (344526/dovecot)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:53           (344584/named)
    *:*:*:*::*:953          (344584/named)
    *:*:*:*::*:953          (344584/named)
    *:*:*:*::*:953          (344584/named)
    *:*:*:*::*:953          (344584/named)
    *:*:*:*::*:953          (344584/named)
    *:*:*:*::*:953          (344584/named)
    *:*:*:*::*:953          (344584/named)
    *:*:*:*::*:953          (344584/named)
    *:*:*:*::*:953          (344584/named)
    *:*:*:*::*:953          (344584/named)
    *:*:*:*::*:953          (344584/named)
    *:*:*:*::*:953          (344584/named)
    *:*:*:*::*:3306         (344114/mariadbd)
    
    
    
    
    ##### IPTABLES #####
    Chain INPUT (policy DROP)
    target     prot opt source               destination
    f2b-sshd   6    --  [anywhere]/0            [anywhere]/0            multiport dports 22
    ufw-before-logging-input  0    --  [anywhere]/0            [anywhere]/0
    ufw-before-input  0    --  [anywhere]/0            [anywhere]/0
    ufw-after-input  0    --  [anywhere]/0            [anywhere]/0
    ufw-after-logging-input  0    --  [anywhere]/0            [anywhere]/0
    ufw-reject-input  0    --  [anywhere]/0            [anywhere]/0
    ufw-track-input  0    --  [anywhere]/0            [anywhere]/0
    
    Chain FORWARD (policy DROP)
    target     prot opt source               destination
    ufw-before-logging-forward  0    --  [anywhere]/0            [anywhere]/0
    ufw-before-forward  0    --  [anywhere]/0            [anywhere]/0
    ufw-after-forward  0    --  [anywhere]/0            [anywhere]/0
    ufw-after-logging-forward  0    --  [anywhere]/0            [anywhere]/0
    ufw-reject-forward  0    --  [anywhere]/0            [anywhere]/0
    ufw-track-forward  0    --  [anywhere]/0            [anywhere]/0
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    ufw-before-logging-output  0    --  [anywhere]/0            [anywhere]/0
    ufw-before-output  0    --  [anywhere]/0            [anywhere]/0
    ufw-after-output  0    --  [anywhere]/0            [anywhere]/0
    ufw-after-logging-output  0    --  [anywhere]/0            [anywhere]/0
    ufw-reject-output  0    --  [anywhere]/0            [anywhere]/0
    ufw-track-output  0    --  [anywhere]/0            [anywhere]/0
    
    Chain f2b-sshd (1 references)
    target     prot opt source               destination
    RETURN     0    --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-after-forward (1 references)
    target     prot opt source               destination
    
    Chain ufw-after-input (1 references)
    target     prot opt source               destination
    ufw-skip-to-policy-input  17   --  [anywhere]/0            [anywhere]/0            udp dpt:137
    ufw-skip-to-policy-input  17   --  [anywhere]/0            [anywhere]/0            udp dpt:138
    ufw-skip-to-policy-input  6    --  [anywhere]/0            [anywhere]/0            tcp dpt:139
    ufw-skip-to-policy-input  6    --  [anywhere]/0            [anywhere]/0            tcp dpt:445
    ufw-skip-to-policy-input  17   --  [anywhere]/0            [anywhere]/0            udp dpt:67
    ufw-skip-to-policy-input  17   --  [anywhere]/0            [anywhere]/0            udp dpt:68
    ufw-skip-to-policy-input  0    --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type BROADCAST
    
    Chain ufw-after-logging-forward (1 references)
    target     prot opt source               destination
    LOG        0    --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix
     "[UFW BLOCK] "
    
    Chain ufw-after-logging-input (1 references)
    target     prot opt source               destination
    LOG        0    --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix
     "[UFW BLOCK] "
    
    Chain ufw-after-logging-output (1 references)
    target     prot opt source               destination
    
    Chain ufw-after-output (1 references)
    target     prot opt source               destination
    
    Chain ufw-before-forward (1 references)
    target     prot opt source               destination
    ACCEPT     0    --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    ACCEPT     1    --  [anywhere]/0            [anywhere]/0            icmptype 3
    ACCEPT     1    --  [anywhere]/0            [anywhere]/0            icmptype 11
    ACCEPT     1    --  [anywhere]/0            [anywhere]/0            icmptype 12
    ACCEPT     1    --  [anywhere]/0            [anywhere]/0            icmptype 8
    ufw-user-forward  0    --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-before-input (1 references)
    target     prot opt source               destination
    ACCEPT     0    --  [anywhere]/0            [anywhere]/0
    ACCEPT     0    --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    ufw-logging-deny  0    --  [anywhere]/0            [anywhere]/0            ctstate INVALID
    DROP       0    --  [anywhere]/0            [anywhere]/0            ctstate INVALID
    ACCEPT     1    --  [anywhere]/0            [anywhere]/0            icmptype 3
    ACCEPT     1    --  [anywhere]/0            [anywhere]/0            icmptype 11
    ACCEPT     1    --  [anywhere]/0            [anywhere]/0            icmptype 12
    ACCEPT     1    --  [anywhere]/0            [anywhere]/0            icmptype 8
    ACCEPT     17   --  [anywhere]/0            [anywhere]/0            udp spt:67 dpt:68
    ufw-not-local  0    --  [anywhere]/0            [anywhere]/0
    ACCEPT     17   --  [anywhere]/0            ***.***.***.***          udp dpt:5353
    ACCEPT     17   --  [anywhere]/0            ***.***.***.***      udp dpt:1900
    ufw-user-input  0    --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-before-logging-forward (1 references)
    target     prot opt source               destination
    
    Chain ufw-before-logging-input (1 references)
    target     prot opt source               destination
    
    Chain ufw-before-logging-output (1 references)
    target     prot opt source               destination
    
    Chain ufw-before-output (1 references)
    target     prot opt source               destination
    ACCEPT     0    --  [anywhere]/0            [anywhere]/0
    ACCEPT     0    --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    ufw-user-output  0    --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-logging-allow (0 references)
    target     prot opt source               destination
    LOG        0    --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix
     "[UFW ALLOW] "
    
    Chain ufw-logging-deny (2 references)
    target     prot opt source               destination
    RETURN     0    --  [anywhere]/0            [anywhere]/0            ctstate INVALID limit: avg 3/min burst 10
    LOG        0    --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix
     "[UFW BLOCK] "
    
    Chain ufw-not-local (1 references)
    target     prot opt source               destination
    RETURN     0    --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type LOCAL
    RETURN     0    --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type MULTICAST
    RETURN     0    --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type BROADCAST
    ufw-logging-deny  0    --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10
    DROP       0    --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-reject-forward (1 references)
    target     prot opt source               destination
    
    Chain ufw-reject-input (1 references)
    target     prot opt source               destination
    
    Chain ufw-reject-output (1 references)
    target     prot opt source               destination
    
    Chain ufw-skip-to-policy-forward (0 references)
    target     prot opt source               destination
    DROP       0    --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-skip-to-policy-input (7 references)
    target     prot opt source               destination
    DROP       0    --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-skip-to-policy-output (0 references)
    target     prot opt source               destination
    ACCEPT     0    --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-track-forward (1 references)
    target     prot opt source               destination
    
    Chain ufw-track-input (1 references)
    target     prot opt source               destination
    
    Chain ufw-track-output (1 references)
    target     prot opt source               destination
    ACCEPT     6    --  [anywhere]/0            [anywhere]/0            ctstate NEW
    ACCEPT     17   --  [anywhere]/0            [anywhere]/0            ctstate NEW
    
    Chain ufw-user-forward (1 references)
    target     prot opt source               destination
    
    Chain ufw-user-input (1 references)
    target     prot opt source               destination
    ACCEPT     6    --  [anywhere]/0            [anywhere]/0            tcp dpt:22
    
    Chain ufw-user-limit (0 references)
    target     prot opt source               destination
    LOG        0    --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 5 LOG flags 0 level 4 prefix
    "[UFW LIMIT BLOCK] "
    REJECT     0    --  [anywhere]/0            [anywhere]/0            reject-with icmp-port-unreachable
    
    Chain ufw-user-limit-accept (0 references)
    target     prot opt source               destination
    ACCEPT     0    --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-user-logging-forward (0 references)
    target     prot opt source               destination
    
    Chain ufw-user-logging-input (0 references)
    target     prot opt source               destination
    
    Chain ufw-user-logging-output (0 references)
    target     prot opt source               destination
    
    Chain ufw-user-output (1 references)
    target     prot opt source               destination
    
    
    
    
    ##### LET'S ENCRYPT #####
    acme.sh is installed in /root/.acme.sh/acme.sh

    After resolving this problem, I want to remove the port number from the URL. I'm using nginx, by the way, so the thread "Remove port number from ISPC admin URL | Howtoforge - Linux Howtos and Tutorials" did not work for me.
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    You can not simply change the port as the vhost has no domain. If you just change the port in the ispconfig vhost file or use a port that is already in use like 443, the web server is not able to start anymore, so you should undo that.
     
  3. till

    till Super Moderator Staff Member ISPConfig Developer

    To make the ispconfig vhost a name-based vhost, you must first add a domain in the vhost, then change the port and finally make sure that you do not have an additional listen directive for that port.
     
    yasine likes this.
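
The three checks from the post above (the vhost has a domain, it listens on the new port, and there is no additional listen directive for that port), as an added example that is not part of the original thread and is not ISPConfig's own code. It assumes one server block per file; the `.vhost` file names and their contents are constructed samples, and only `host.domain.com` comes from the thread.

```shell
#!/bin/sh
# Added example: audit nginx vhost files for one port.
# Assumption: each file holds a single server block.

# vhost_port_audit PORT FILE...
# Prints one line per file that listens on PORT:
#   <file> listens=<n> named=<yes|no> duplicate=<yes|no>
vhost_port_audit() {
    port=$1
    shift
    for f in "$@"; do
        awk -v port="$port" -v file="$(basename "$f")" '
            { sub(/#.*/, "") }                  # ignore comments
            $1 == "listen" {
                addr = $2                       # 443, [::]:443, 192.0.2.1:443
                sub(/;$/, "", addr)
                n = split(addr, parts, ":")
                if (parts[n] == port) { seen[addr]++; total++ }
            }
            $1 == "server_name" {
                for (i = 2; i <= NF; i++) {
                    name = $i
                    sub(/;$/, "", name)
                    # "_" is the conventional catch-all, not a real domain
                    if (name != "" && name != "_") named = 1
                }
            }
            END {
                if (total == 0) exit            # file does not use this port
                dup = 0
                for (a in seen) if (seen[a] > 1) dup = 1
                printf "%s listens=%d named=%s duplicate=%s\n", file, total, (named ? "yes" : "no"), (dup ? "yes" : "no")
            }' "$f"
    done
}

# port_ready PORT FILE...
# Succeeds only if every vhost on PORT has a domain and no repeated listen.
port_ready() {
    ! vhost_port_audit "$@" | grep -Eq 'named=no|duplicate=yes'
}

# Constructed sample vhosts (not taken from the thread).
make_samples() {
    dir=$1
    cat > "$dir/panel_before.vhost" <<'EOF'
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    listen 443 ssl;          # additional listen directive for the same port
    server_name _;           # no domain, so the vhost is not name-based
}
EOF
    cat > "$dir/panel_after.vhost" <<'EOF'
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name host.domain.com;
}
EOF
    cat > "$dir/site.vhost" <<'EOF'
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name example.com www.example.com;
}
EOF
    cat > "$dir/apps.vhost" <<'EOF'
server {
    listen 8081 ssl;
    server_name _;
}
EOF
}

demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
make_samples "$demo_dir"

vhost_port_audit 443 "$demo_dir"/*.vhost
if port_ready 443 "$demo_dir"/panel_after.vhost "$demo_dir"/site.vhost; then
    echo "443: every vhost on this port has a domain and a single listen per address"
fi
```

Running `nginx -t` after any change to the real vhost files still decides whether the web server will start.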
  4. yasine

    yasine Member

    I've reinstalled the server!
    Even though I reinstalled it using:
    Code:
    wget -O - https://get.ispconfig.org | sh -s -- --use-nginx --use-ftp-ports=40110-40210 --unattended-upgrades
    I get the error page: upload_2024-11-19_20-31-51.png

    Here is my /etc/hosts file:
    upload_2024-11-19_20-33-11.png

    I'm using a bare metal server from Vultr, not a VPS.
    This is the report after using the autoinstaller, without any edits on my part:
    Code:
    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    [WARN] could not determine server's ip address by ifconfig
    [INFO] OS version is Debian GNU/Linux 12 (bookworm)
    
    [INFO] uptime:  19:34:52 up 34 min,  1 user,  load average: 1.10, 1.23, 1.30
    
    [INFO] memory:
                   total        used        free      shared  buff/cache   available
    Mem:            31Gi       2.8Gi        26Gi        58Mi       2.7Gi        28Gi
    Swap:          8.0Gi          0B       8.0Gi
    
    [INFO] systemd failed services status:
      UNIT LOAD ACTIVE SUB DESCRIPTION
    0 loaded units listed.
    
    [INFO] ISPConfig is installed.
    
    ##### ISPCONFIG #####
    ISPConfig version is 3.2.12p1
    
    
    ##### VERSION CHECK #####
    
    [INFO] php (cli) version is 8.2.25
    [INFO] php-cgi (used for cgi php in default vhost!) is version 8.2.25
    
    ##### PORT CHECK #####
    
    [WARN] Port 443 (Webserver SSL) seems NOT to be listening
    
    ##### MAIL SERVER CHECK #####
    
    [WARN] I found no "smtps" entry in your postfix master.cf
    [INFO] this is not critical, but if you want to offer SSL for smtp (not TLS) connections you have to enable this.
    
    ##### RUNNING SERVER PROCESSES #####
    
    [INFO] I found the following web server(s):
            Unknown process (nginx:) (PID 205666)
    [INFO] I found the following mail server(s):
            Postfix (PID 205553)
    [INFO] I found the following pop3 server(s):
            Dovecot (PID 205576)
    [INFO] I found the following imap server(s):
            Dovecot (PID 205576)
    [INFO] I found the following ftp server(s):
            PureFTP (PID 205629)
    
    ##### LISTENING PORTS #####
    (only           ()
    Local           (Address)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    [localhost]:953         (205635/named)
    [localhost]:953         (205635/named)
    [localhost]:953         (205635/named)
    [localhost]:953         (205635/named)
    [localhost]:953         (205635/named)
    [localhost]:953         (205635/named)
    [localhost]:953         (205635/named)
    [localhost]:953         (205635/named)
    [localhost]:953         (205635/named)
    [localhost]:953         (205635/named)
    [localhost]:953         (205635/named)
    [localhost]:953         (205635/named)
    [localhost]:53          (205635/named)
    [localhost]:53          (205635/named)
    [localhost]:53          (205635/named)
    [localhost]:53          (205635/named)
    [localhost]:53          (205635/named)
    [localhost]:53          (205635/named)
    [localhost]:53          (205635/named)
    [localhost]:53          (205635/named)
    [localhost]:53          (205635/named)
    [localhost]:53          (205635/named)
    [localhost]:53          (205635/named)
    [localhost]:53          (205635/named)
    [localhost]:6379                (34308/redis-server)
    [localhost]:11211               (159696/memcached)
    [anywhere]:4190         (205576/dovecot)
    [localhost]:11333               (205561/rspamd:)
    [localhost]:11332               (205561/rspamd:)
    [localhost]:11334               (205561/rspamd:)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    ***.***.***.***:53              (205635/named)
    [anywhere]:8081         (205666/nginx:)
    [anywhere]:8080         (205666/nginx:)
    [localhost]:10023               (34695/postgrey)
    [anywhere]:993          (205576/dovecot)
    [anywhere]:995          (205576/dovecot)
    [anywhere]:587          (205553/master)
    [anywhere]:465          (205553/master)
    [anywhere]:143          (205576/dovecot)
    [anywhere]:21           (205629/pure-ftpd)
    [anywhere]:22           (1259/sshd:)
    [anywhere]:25           (205553/master)
    [anywhere]:80           (205666/nginx:)
    [anywhere]:110          (205576/dovecot)
    [anywhere]:3306         (205179/mariadbd)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*3eec:efff:feb9:53             (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:953          (205635/named)
    *:*:*:*::*:953          (205635/named)
    *:*:*:*::*:953          (205635/named)
    *:*:*:*::*:953          (205635/named)
    *:*:*:*::*:953          (205635/named)
    *:*:*:*::*:953          (205635/named)
    *:*:*:*::*:953          (205635/named)
    *:*:*:*::*:953          (205635/named)
    *:*:*:*::*:953          (205635/named)
    *:*:*:*::*:953          (205635/named)
    *:*:*:*::*:953          (205635/named)
    *:*:*:*::*:953          (205635/named)
    *:*:*:*::*:6379         (34308/redis-server)
    *:*:*:*::*:10023                (34695/postgrey)
    *:*:*:*::*:4190         (205576/dovecot)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:53           (205635/named)
    *:*:*:*::*:11334                (205561/rspamd:)
    *:*:*:*::*:11333                (205561/rspamd:)
    *:*:*:*::*:11332                (205561/rspamd:)
    *:*:*:*::*:8081         (205666/nginx:)
    *:*:*:*::*:8080         (205666/nginx:)
    *:*:*:*::*:993          (205576/dovecot)
    *:*:*:*::*:995          (205576/dovecot)
    *:*:*:*::*:587          (205553/master)
    *:*:*:*::*:465          (205553/master)
    [localhost]43           (205576/dovecot)
    *:*:*:*::*:21           (205629/pure-ftpd)
    *:*:*:*::*:22           (1259/sshd:)
    *:*:*:*::*:25           (205553/master)
    *:*:*:*::*:80           (205666/nginx:)
    [localhost]10           (205576/dovecot)
    *:*:*:*::*:3306         (205179/mariadbd)
    
    
    
    
    ##### IPTABLES #####
    Chain INPUT (policy DROP)
    target     prot opt source               destination
    f2b-sshd   6    --  [anywhere]/0            [anywhere]/0            multiport dports 22
    ufw-before-logging-input  0    --  [anywhere]/0            [anywhere]/0
    ufw-before-input  0    --  [anywhere]/0            [anywhere]/0
    ufw-after-input  0    --  [anywhere]/0            [anywhere]/0
    ufw-after-logging-input  0    --  [anywhere]/0            [anywhere]/0
    ufw-reject-input  0    --  [anywhere]/0            [anywhere]/0
    ufw-track-input  0    --  [anywhere]/0            [anywhere]/0
    
    Chain FORWARD (policy DROP)
    target     prot opt source               destination
    ufw-before-logging-forward  0    --  [anywhere]/0            [anywhere]/0
    ufw-before-forward  0    --  [anywhere]/0            [anywhere]/0
    ufw-after-forward  0    --  [anywhere]/0            [anywhere]/0
    ufw-after-logging-forward  0    --  [anywhere]/0            [anywhere]/0
    ufw-reject-forward  0    --  [anywhere]/0            [anywhere]/0
    ufw-track-forward  0    --  [anywhere]/0            [anywhere]/0
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    ufw-before-logging-output  0    --  [anywhere]/0            [anywhere]/0
    ufw-before-output  0    --  [anywhere]/0            [anywhere]/0
    ufw-after-output  0    --  [anywhere]/0            [anywhere]/0
    ufw-after-logging-output  0    --  [anywhere]/0            [anywhere]/0
    ufw-reject-output  0    --  [anywhere]/0            [anywhere]/0
    ufw-track-output  0    --  [anywhere]/0            [anywhere]/0
    
    Chain f2b-sshd (1 references)
    target     prot opt source               destination
    RETURN     0    --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-after-forward (1 references)
    target     prot opt source               destination
    
    Chain ufw-after-input (1 references)
    target     prot opt source               destination
    ufw-skip-to-policy-input  17   --  [anywhere]/0            [anywhere]/0            udp dpt:137
    ufw-skip-to-policy-input  17   --  [anywhere]/0            [anywhere]/0            udp dpt:138
    ufw-skip-to-policy-input  6    --  [anywhere]/0            [anywhere]/0            tcp dpt:139
    ufw-skip-to-policy-input  6    --  [anywhere]/0            [anywhere]/0            tcp dpt:445
    ufw-skip-to-policy-input  17   --  [anywhere]/0            [anywhere]/0            udp dpt:67
    ufw-skip-to-policy-input  17   --  [anywhere]/0            [anywhere]/0            udp dpt:68
    ufw-skip-to-policy-input  0    --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type BROADCAST
    
    Chain ufw-after-logging-forward (1 references)
    target     prot opt source               destination
    LOG        0    --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix
     "[UFW BLOCK] "
    
    Chain ufw-after-logging-input (1 references)
    target     prot opt source               destination
    LOG        0    --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix
     "[UFW BLOCK] "
    
    Chain ufw-after-logging-output (1 references)
    target     prot opt source               destination
    
    Chain ufw-after-output (1 references)
    target     prot opt source               destination
    
    Chain ufw-before-forward (1 references)
    target     prot opt source               destination
    ACCEPT     0    --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    ACCEPT     1    --  [anywhere]/0            [anywhere]/0            icmptype 3
    ACCEPT     1    --  [anywhere]/0            [anywhere]/0            icmptype 11
    ACCEPT     1    --  [anywhere]/0            [anywhere]/0            icmptype 12
    ACCEPT     1    --  [anywhere]/0            [anywhere]/0            icmptype 8
    ufw-user-forward  0    --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-before-input (1 references)
    target     prot opt source               destination
    ACCEPT     0    --  [anywhere]/0            [anywhere]/0
    ACCEPT     0    --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    ufw-logging-deny  0    --  [anywhere]/0            [anywhere]/0            ctstate INVALID
    DROP       0    --  [anywhere]/0            [anywhere]/0            ctstate INVALID
    ACCEPT     1    --  [anywhere]/0            [anywhere]/0            icmptype 3
    ACCEPT     1    --  [anywhere]/0            [anywhere]/0            icmptype 11
    ACCEPT     1    --  [anywhere]/0            [anywhere]/0            icmptype 12
    ACCEPT     1    --  [anywhere]/0            [anywhere]/0            icmptype 8
    ACCEPT     17   --  [anywhere]/0            [anywhere]/0            udp spt:67 dpt:68
    ufw-not-local  0    --  [anywhere]/0            [anywhere]/0
    ACCEPT     17   --  [anywhere]/0            ***.***.***.***          udp dpt:5353
    ACCEPT     17   --  [anywhere]/0            ***.***.***.***      udp dpt:1900
    ufw-user-input  0    --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-before-logging-forward (1 references)
    target     prot opt source               destination
    
    Chain ufw-before-logging-input (1 references)
    target     prot opt source               destination
    
    Chain ufw-before-logging-output (1 references)
    target     prot opt source               destination
    
    Chain ufw-before-output (1 references)
    target     prot opt source               destination
    ACCEPT     0    --  [anywhere]/0            [anywhere]/0
    ACCEPT     0    --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    ufw-user-output  0    --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-logging-allow (0 references)
    target     prot opt source               destination
    LOG        0    --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix
     "[UFW ALLOW] "
    
    Chain ufw-logging-deny (2 references)
    target     prot opt source               destination
    RETURN     0    --  [anywhere]/0            [anywhere]/0            ctstate INVALID limit: avg 3/min burst 10
    LOG        0    --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix
     "[UFW BLOCK] "
    
    Chain ufw-not-local (1 references)
    target     prot opt source               destination
    RETURN     0    --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type LOCAL
    RETURN     0    --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type MULTICAST
    RETURN     0    --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type BROADCAST
    ufw-logging-deny  0    --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10
    DROP       0    --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-reject-forward (1 references)
    target     prot opt source               destination
    
    Chain ufw-reject-input (1 references)
    target     prot opt source               destination
    
    Chain ufw-reject-output (1 references)
    target     prot opt source               destination
    
    Chain ufw-skip-to-policy-forward (0 references)
    target     prot opt source               destination
    DROP       0    --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-skip-to-policy-input (7 references)
    target     prot opt source               destination
    DROP       0    --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-skip-to-policy-output (0 references)
    target     prot opt source               destination
    ACCEPT     0    --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-track-forward (1 references)
    target     prot opt source               destination
    
    Chain ufw-track-input (1 references)
    target     prot opt source               destination
    
    Chain ufw-track-output (1 references)
    target     prot opt source               destination
    ACCEPT     6    --  [anywhere]/0            [anywhere]/0            ctstate NEW
    ACCEPT     17   --  [anywhere]/0            [anywhere]/0            ctstate NEW
    
    Chain ufw-user-forward (1 references)
    target     prot opt source               destination
    
    Chain ufw-user-input (1 references)
    target     prot opt source               destination
    ACCEPT     6    --  [anywhere]/0            [anywhere]/0            tcp dpt:22
    
    Chain ufw-user-limit (0 references)
    target     prot opt source               destination
    LOG        0    --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 5 LOG flags 0 level 4 prefix
    "[UFW LIMIT BLOCK] "
    REJECT     0    --  [anywhere]/0            [anywhere]/0            reject-with icmp-port-unreachable
    
    Chain ufw-user-limit-accept (0 references)
    target     prot opt source               destination
    ACCEPT     0    --  [anywhere]/0            [anywhere]/0
    
    Chain ufw-user-logging-forward (0 references)
    target     prot opt source               destination
    
    Chain ufw-user-logging-input (0 references)
    target     prot opt source               destination
    
    Chain ufw-user-logging-output (0 references)
    target     prot opt source               destination
    
    Chain ufw-user-output (1 references)
    target     prot opt source               destination
    
    
    
    
    ##### LET'S ENCRYPT #####
    acme.sh is installed in /root/.acme.sh/acme.sh
    
    
    after the installer has finished work :
    upload_2024-11-19_20-38-41.png

    ( I get ISPConfig admin password and MySQL root password )
     
    Last edited: Nov 19, 2024 at 8:39 PM
  5. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    i'm assuming, from what you've posted, the server is host.labgenz.com, hopefully on the ip 45.77.189.250

    seems like there's 4 possibilities to me..

    1. that is not the correct ip.. so you have a problem with your dns records.
    2. the server is currently turned off. (at ~11am gmt)
    3. you have a firewall/router in front of the server which is blocking access.
    4. nginx is not starting, or unable to bind to any of ports 80,443, 8080, or 8081 (or 433 assuming that isn't a typo)
     
    ahrasis and yasine like this.
  6. yasine

    yasine Member

    You are right about the server and the IP. However:
    the IP address is 45.77.189.250, this is the DNS record for the subdomain
    upload_2024-11-20_12-11-13.png
    the main domain name is on another server at WP Engine (so it's on another server at WP Engine).
    and all services are running, there is no failed service:

    Code:
    root@host:~# systemctl list-units --failed
      UNIT LOAD ACTIVE SUB DESCRIPTION
    0 loaded units listed.
    Nginx is running also :

    Code:
    root@host:~# systemctl list-units | grep nginx
      nginx.service                                                                            loaded active running   A high performance web server and a reverse proxy server
    and server is running and has internet access :
    upload_2024-11-20_12-22-56.png

    I don't know if a firewall/router in front of the server is blocking access, or if Nginx is unable to bind to any of ports 80, 443, 8080, or 8081
     
  7. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    ok. so i got the problem server's ip right..

    i tried, for the earlier post, to telnet to host.labgenz.com, so the 45.77.189.250 ip, on all ports 80,443,8080 and 8081 (and 433 just in case)
    and not one attempt managed to make a connection.
    just
    Code:
    telnet host.labgenz.com 80
    Trying 45.77.189.250...
    
    also, i get nothing after hop 10 on a traceroute....

    Code:
    traceroute 45.77.180.250
    traceroute to 45.77.180.250 (45.77.180.250), 30 hops max, 60 byte packets
     1  _gateway (192.168.1.1)  0.221 ms  0.199 ms  0.193 ms
     2  195.166.130.255 (195.166.130.255)  12.006 ms  11.999 ms  12.095 ms
     3  213.120.163.20 (213.120.163.20)  12.971 ms 213.120.163.8 (213.120.163.8)  12.639 ms  12.861 ms
     4  217.32.240.91 (217.32.240.91)  13.417 ms 217.32.240.93 (217.32.240.93)  13.389 ms 217.32.240.95 (217.32.240.95)  12.902 ms
     5  host213-121-192-96.ukcore.bt.net (213.121.192.96)  12.612 ms 213.121.192.132 (213.121.192.132)  13.339 ms core1-hu0-17-0-1.southbank.ukcore.bt.net (195.99.127.180)  13.367 ms
     6  peer8-et-4-0-5.telehouse.ukcore.bt.net (194.72.16.162)  15.043 ms peer8-et-0-1-7.telehouse.ukcore.bt.net (194.72.16.146)  14.283 ms peer8-et-3-1-2.telehouse.ukcore.bt.net (109.159.252.232)  13.083 ms
     7  * * *
     8  63.218.207.21 (63.218.207.21)  15.373 ms  15.837 ms *
     9  Bundle-Eth54.clbr01.tok02.as3491.net (63.218.250.118)  260.881 ms  261.340 ms Bundle-Eth53.clbr01.tok02.as3491.net (63.218.250.78)  254.959 ms
    10  * * ssi-labo.gi0-0-0-3.843.br04.tok01.as3491.net (63.216.242.46)  260.373 ms
    11  * * *
    12  * * *
    13  * * *
    14  * * *
    15  * * *
    ..
    ..
    30 * * * 
    
    so, if you know what/where ssi-labo.gi0-0-0-3.843.br04.tok01.as3491.net (63.216.242.46) is... that would seem to be a good place to start network troubleshooting from.
     
  8. yasine

    yasine Member

    In my case , I get :
    Code:
    root@host:~# traceroute 45.77.180.250
    traceroute to 45.77.180.250 (45.77.180.250), 30 hops max, 60 byte packets
     1  169.254.1.1 (169.254.1.1)  0.274 ms  0.274 ms  0.277 ms
     2  10.65.3.13 (10.65.3.13)  0.804 ms  1.198 ms 10.65.3.21 (10.65.3.21)  0.781 ms
     3  * 10.65.1.241 (10.65.1.241)  0.686 ms *
     4  xe-1-2-2-1.a00.snjsca09.us.bb.gin.ntt.net (128.241.14.149)  0.494 ms  0.448 ms  0.399 ms
     5  xe-1-2-2-1.a00.snjsca09.us.bb.gin.ntt.net (128.241.14.149)  0.403 ms  0.460 ms ae-8.r25.snjsca04.us.bb.gin.ntt.net (129.250.5.106)  0.770 ms
     6  ae-8.r25.snjsca04.us.bb.gin.ntt.net (129.250.5.106)  0.761 ms  0.774 ms  0.699 ms
     7  ae-3.r26.snjsca04.us.bb.gin.ntt.net (129.250.5.224)  0.971 ms  0.904 ms *
     8  * ae-3.r25.lsanca07.us.bb.gin.ntt.net (129.250.4.151)  9.962 ms *
     9  * * *
    10  * * *
    11  * * ae-22.r32.tokyjp05.jp.bb.gin.ntt.net (129.250.7.78)  114.714 ms
    12  ae-0.a01.tokyjp09.jp.bb.gin.ntt.net (129.250.7.54)  111.886 ms ae-22.r32.tokyjp05.jp.bb.gin.ntt.net (129.250.7.78)  124.867 ms *
    13  ae-0.a01.tokyjp09.jp.bb.gin.ntt.net (129.250.7.54)  109.810 ms ce-3-5-3.a01.tokyjp09.jp.ce.gin.ntt.net (120.88.54.98)  111.199 ms ae-0.a01.tokyjp09.jp.bb.gin.ntt.net (129.250.7.54)  113.270 ms
    14  ce-3-5-3.a01.tokyjp09.jp.ce.gin.ntt.net (120.88.54.98)  116.809 ms * *
    15  * * *
    16  * * *
    17  * * *
    18  * * *
    19  * * *
    20  * * *
    21  * * *
    22  * * *
    23  * * *
    24  * * *
    25  * * *
    26  * * *
    27  * * *
    28  * * *
    29  * * *
    30  * * *
    So I think maybe the problem is that this is not a traditional VPS, it's a bare metal server, so when I tried to edit
    /etc/hosts, it did not work:

    Code:
    root@host:~# cat /etc/hosts
    # Your system has configured 'manage_etc_hosts' as True.
    # As a result, if you wish for changes to this file to persist
    # then you will need to either
    # a.) make changes to the master file in /etc/cloud/templates/hosts.debian.tmpl
    # b.) change or remove the value of 'manage_etc_hosts' in
    #     /etc/cloud/cloud.cfg or cloud-config from user-data
    #
    127.0.1.1 host.labgenz.com host
    127.0.0.1 localhost
    
    # The following lines are desirable for IPv6 capable hosts
    ::1 localhost ip6-localhost ip6-loopback
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters
    
    until I've edited
    Code:
    /etc/cloud/templates/hosts.debian.tmpl
    directly, also in
    Code:
    /etc/cloud/cloud.cfg
    I did not comment -update_etc_hosts
    Code:
    root@host:~# cat /etc/cloud/cloud.cfg
    cloud_init_modules:
      - migrator
      - seed_random
      - bootcmd
      - write-files
      - growpart
      - resizefs
      - disk_setup
      - mounts
      - set_hostname
      - update_hostname
      - update_etc_hosts
      - ca-certs
      - rsyslog
      - users-groups
      - ssh
    
    cloud_config_modules:
      - ssh-import-id
      - locale
      - set-passwords
      - grub-dpkg
      - apt-pipelining
      - apt-configure
      - ntp
      - timezone
      - disable-ec2-metadata
      - runcmd
      - byobu
    
    cloud_final_modules:
      - package-update-upgrade-install
      - fan
      - puppet
      - chef
      - ansible
      - salt-minion
      - mcollective
      - scripts-vendor
      - scripts-per-once
      - scripts-per-boot
      - scripts-per-instance
      - scripts-user
      - ssh-authkey-fingerprints
      - keys-to-console
      - phone-home
      - final-message
      - power-state-change
      - write-files-deferred
    
    apt:
      preserve_sources_list: true
    
    system_info:
      distro: debian
      paths:
        cloud_dir: /var/lib/cloud/
        templates_dir: /etc/cloud/templates/
        upstart_dir: /etc/init/
      ssh_svcname: ssh
    because I've the same problem here : dhcp - How to disable /etc/hosts from resetting after reboot - Server Fault .
    I think this can help resolve the issue. This is the first time I have had this problem; I've installed ISPConfig on a lot of VPS without any problem, but I guess for the bare metal server there are some extra steps that need to be done
     
  9. till

    till Super Moderator Staff Member ISPConfig Developer

    There is no difference from ISPConfig side for that. ISPConfig does not even know if your system is a VPS or not. But of course, the server must be connected to the network correctly and if that's not the case, it won't work. As you can see from the output of the test script, ISPConfig is installed correctly and listening on port 8080. As you can't reach it there, you have either a network issue on the server itself, a firewall installed that was not installed by the auto-installer and that blocks ports, or your traffic is blocked in front of the server by a firewall.
     
    ahrasis likes this.
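The distinction drawn in the post above (a service can be listening and still be unreachable because a firewall drops the traffic) can be checked per port. This is an added example, not code from the thread or from ISPConfig; the function names are hypothetical and the `ss -Hltn` and `ufw status` samples are constructed to resemble the situation discussed here.

```shell
#!/bin/sh
# Added example: for each port, tell apart "nothing is bound to it" from
# "a service is bound, but ufw has no allow rule for it".

# Constructed sample of `ss -Hltn` (nginx on 80/8080/8081, sshd on 22, no 443).
SAMPLE_SS='LISTEN 0 511 0.0.0.0:80   0.0.0.0:*
LISTEN 0 511 *:8080       *:*
LISTEN 0 511 *:8081       *:*
LISTEN 0 128 0.0.0.0:22   0.0.0.0:*
LISTEN 0 128 [::]:22      [::]:*'

# Constructed sample of `ufw status` where only SSH is allowed.
SAMPLE_UFW='Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
22/tcp (v6)                ALLOW       Anywhere (v6)'

# is_listening PORT SS_TEXT: succeeds if a TCP listener is bound to PORT.
# The port is the last ":"-separated piece of the local address (field 4),
# which also handles "*:8080" and "[::]:22".
is_listening() {
    printf '%s\n' "$2" | awk -v p="$1" '
        $1 == "LISTEN" { n = split($4, a, ":"); if (a[n] == p) found = 1 }
        END { exit !found }'
}

# ufw_allows PORT UFW_TEXT: succeeds if ufw is inactive, or if an ALLOW/LIMIT
# rule names PORT directly, in a comma list, or inside a LOW:HIGH range.
# Simplifications: source restrictions, DENY ordering and application
# profiles (e.g. a profile name instead of a port) are not evaluated.
ufw_allows() {
    printf '%s\n' "$2" | awk -v p="$1" '
        /^Status: inactive/ { ok = 1 }
        {
            action = ""
            for (i = 2; i <= NF; i++)
                if ($i == "ALLOW" || $i == "LIMIT") { action = $i; break }
            if (action == "" || $1 ~ /\/udp$/) next
            rule = $1
            sub(/\/tcp$/, "", rule)
            n = split(rule, parts, ",")
            for (j = 1; j <= n; j++) {
                if (parts[j] == p) ok = 1
                if (split(parts[j], r, ":") == 2 &&
                    p + 0 >= r[1] + 0 && p + 0 <= r[2] + 0) ok = 1
            }
        }
        END { exit !ok }'
}

# classify_port PORT SS_TEXT UFW_TEXT: prints one of three verdicts.
classify_port() {
    if ! is_listening "$1" "$2"; then
        echo "not-listening"
    elif ! ufw_allows "$1" "$3"; then
        echo "listening-but-blocked"
    else
        echo "listening-and-allowed"
    fi
}

# report SS_TEXT UFW_TEXT: verdict for the web and panel ports named in the thread.
report() {
    for port in 80 443 8080 8081; do
        printf '%-5s %s\n' "$port" "$(classify_port "$port" "$1" "$2")"
    done
}

# Runs on the constructed samples; on a real host (as root) use:
#   report "$(ss -Hltn)" "$(ufw status)"
report "$SAMPLE_SS" "$SAMPLE_UFW"
```

A `listening-and-allowed` verdict only covers the host itself; a provider or router firewall in front of the server is not visible from these two commands.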
  10. yasine

    yasine Member

    For sure, the server is connected to the network and has internet access, as I can ping any website

    upload_2024-11-20_14-35-58.png

    even the subdomain where ISP Config is installed :
    upload_2024-11-20_14-40-31.png
     
    Last edited: Nov 20, 2024 at 9:25 PM
  11. yasine

    yasine Member

    I checked for the firewall :
    UFW :
    Code:
    root@host:~# ufw status
    Status: active
    To                         Action      From
    --                         ------      ----
    22/tcp                     ALLOW       Anywhere
    22/tcp (v6)                ALLOW       Anywhere (v6)
    
    iptables rules :
    Code:
    root@host:~#  iptables -L
    Chain INPUT (policy DROP)
    target     prot opt source               destination
    f2b-sshd   tcp  --  anywhere             anywhere             multiport dports ssh
    ufw-before-logging-input  all  --  anywhere             anywhere
    ufw-before-input  all  --  anywhere             anywhere
    ufw-after-input  all  --  anywhere             anywhere
    ufw-after-logging-input  all  --  anywhere             anywhere
    ufw-reject-input  all  --  anywhere             anywhere
    ufw-track-input  all  --  anywhere             anywhere
    
    Chain FORWARD (policy DROP)
    target     prot opt source               destination
    ufw-before-logging-forward  all  --  anywhere             anywhere
    ufw-before-forward  all  --  anywhere             anywhere
    ufw-after-forward  all  --  anywhere             anywhere
    ufw-after-logging-forward  all  --  anywhere             anywhere
    ufw-reject-forward  all  --  anywhere             anywhere
    ufw-track-forward  all  --  anywhere             anywhere
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    ufw-before-logging-output  all  --  anywhere             anywhere
    ufw-before-output  all  --  anywhere             anywhere
    ufw-after-output  all  --  anywhere             anywhere
    ufw-after-logging-output  all  --  anywhere             anywhere
    ufw-reject-output  all  --  anywhere             anywhere
    ufw-track-output  all  --  anywhere             anywhere
    
    Chain f2b-sshd (1 references)
    target     prot opt source               destination
    REJECT     all  --  150.241.115.204      anywhere             reject-with icmp-port-unreachable
    REJECT     all  --  218.92.0.246         anywhere             reject-with icmp-port-unreachable
    REJECT     all  --  218.92.0.235         anywhere             reject-with icmp-port-unreachable
    RETURN     all  --  anywhere             anywhere
    
    Chain ufw-after-forward (1 references)
    target     prot opt source               destination
    
    Chain ufw-after-input (1 references)
    target     prot opt source               destination
    ufw-skip-to-policy-input  udp  --  anywhere             anywhere             udp dpt:netbios-ns
    ufw-skip-to-policy-input  udp  --  anywhere             anywhere             udp dpt:netbios-dgm
    ufw-skip-to-policy-input  tcp  --  anywhere             anywhere             tcp dpt:netbios-ssn
    ufw-skip-to-policy-input  tcp  --  anywhere             anywhere             tcp dpt:microsoft-ds
    ufw-skip-to-policy-input  udp  --  anywhere             anywhere             udp dpt:bootps
    ufw-skip-to-policy-input  udp  --  anywhere             anywhere             udp dpt:bootpc
    ufw-skip-to-policy-input  all  --  anywhere             anywhere             ADDRTYPE match dst-type BROADCAST
    
    Chain ufw-after-logging-forward (1 references)
    target     prot opt source               destination
    LOG        all  --  anywhere             anywhere             limit: avg 3/min burst 10 LOG level warn prefix "[UFW BLOCK] "
    
    Chain ufw-after-logging-input (1 references)
    target     prot opt source               destination
    LOG        all  --  anywhere             anywhere             limit: avg 3/min burst 10 LOG level warn prefix "[UFW BLOCK] "
    
    Chain ufw-after-logging-output (1 references)
    target     prot opt source               destination
    
    Chain ufw-after-output (1 references)
    target     prot opt source               destination
    
    Chain ufw-before-forward (1 references)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
    ACCEPT     icmp --  anywhere             anywhere             icmp destination-unreachable
    ACCEPT     icmp --  anywhere             anywhere             icmp time-exceeded
    ACCEPT     icmp --  anywhere             anywhere             icmp parameter-problem
    ACCEPT     icmp --  anywhere             anywhere             icmp echo-request
    ufw-user-forward  all  --  anywhere             anywhere
    
    Chain ufw-before-input (1 references)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere
    ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
    ufw-logging-deny  all  --  anywhere             anywhere             ctstate INVALID
    DROP       all  --  anywhere             anywhere             ctstate INVALID
    ACCEPT     icmp --  anywhere             anywhere             icmp destination-unreachable
    ACCEPT     icmp --  anywhere             anywhere             icmp time-exceeded
    ACCEPT     icmp --  anywhere             anywhere             icmp parameter-problem
    ACCEPT     icmp --  anywhere             anywhere             icmp echo-request
    ACCEPT     udp  --  anywhere             anywhere             udp spt:bootps dpt:bootpc
    ufw-not-local  all  --  anywhere             anywhere
    ACCEPT     udp  --  anywhere             mdns.mcast.net       udp dpt:mdns
    ACCEPT     udp  --  anywhere             239.255.255.250      udp dpt:1900
    ufw-user-input  all  --  anywhere             anywhere
    
    Chain ufw-before-logging-forward (1 references)
    target     prot opt source               destination
    
    Chain ufw-before-logging-input (1 references)
    target     prot opt source               destination
    
    Chain ufw-before-logging-output (1 references)
    target     prot opt source               destination
    
    Chain ufw-before-output (1 references)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere
    ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
    ufw-user-output  all  --  anywhere             anywhere
    
    Chain ufw-logging-allow (0 references)
    target     prot opt source               destination
    LOG        all  --  anywhere             anywhere             limit: avg 3/min burst 10 LOG level warn prefix "[UFW ALLOW] "
    
    Chain ufw-logging-deny (2 references)
    target     prot opt source               destination
    RETURN     all  --  anywhere             anywhere             ctstate INVALID limit: avg 3/min burst 10
    LOG        all  --  anywhere             anywhere             limit: avg 3/min burst 10 LOG level warn prefix "[UFW BLOCK] "
    
    Chain ufw-not-local (1 references)
    target     prot opt source               destination
    RETURN     all  --  anywhere             anywhere             ADDRTYPE match dst-type LOCAL
    RETURN     all  --  anywhere             anywhere             ADDRTYPE match dst-type MULTICAST
    RETURN     all  --  anywhere             anywhere             ADDRTYPE match dst-type BROADCAST
    ufw-logging-deny  all  --  anywhere             anywhere             limit: avg 3/min burst 10
    DROP       all  --  anywhere             anywhere
    
    Chain ufw-reject-forward (1 references)
    target     prot opt source               destination
    
    Chain ufw-reject-input (1 references)
    target     prot opt source               destination
    
    Chain ufw-reject-output (1 references)
    target     prot opt source               destination
    
    Chain ufw-skip-to-policy-forward (0 references)
    target     prot opt source               destination
    DROP       all  --  anywhere             anywhere
    
    Chain ufw-skip-to-policy-input (7 references)
    target     prot opt source               destination
    DROP       all  --  anywhere             anywhere
    
    Chain ufw-skip-to-policy-output (0 references)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere
    
    Chain ufw-track-forward (1 references)
    target     prot opt source               destination
    
    Chain ufw-track-input (1 references)
    target     prot opt source               destination
    
    Chain ufw-track-output (1 references)
    target     prot opt source               destination
    ACCEPT     tcp  --  anywhere             anywhere             ctstate NEW
    ACCEPT     udp  --  anywhere             anywhere             ctstate NEW
    
    Chain ufw-user-forward (1 references)
    target     prot opt source               destination
    
    Chain ufw-user-input (1 references)
    target     prot opt source               destination
    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh
    
    Chain ufw-user-limit (0 references)
    target     prot opt source               destination
    LOG        all  --  anywhere             anywhere             limit: avg 3/min burst 5 LOG level warn prefix "[UFW LIMIT BLOCK] "
    REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable
    
    Chain ufw-user-limit-accept (0 references)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere
    
    Chain ufw-user-logging-forward (0 references)
    target     prot opt source               destination
    
    Chain ufw-user-logging-input (0 references)
    target     prot opt source               destination
    
    Chain ufw-user-logging-output (0 references)
    target     prot opt source               destination
    
    Chain ufw-user-output (1 references)
    target     prot opt source               destination
    
    Check nftables
    Code:
    root@host:~# nft list ruleset
    # Warning: table ip filter is managed by iptables-nft, do not touch!
    table ip filter {
            chain ufw-before-logging-input {
            }
    
            chain ufw-before-logging-output {
            }
    
            chain ufw-before-logging-forward {
            }
    
            chain ufw-before-input {
                    iifname "lo" counter packets 473875 bytes 32211451 accept
                    ct state related,established counter packets 30856 bytes 75652847 accept
                    ct state invalid counter packets 522 bytes 227546 jump ufw-logging-deny
                    ct state invalid counter packets 522 bytes 227546 drop
                    meta l4proto icmp icmp type destination-unreachable counter packets 0 bytes 0 accept
                    meta l4proto icmp icmp type time-exceeded counter packets 0 bytes 0 accept
                    meta l4proto icmp icmp type parameter-problem counter packets 0 bytes 0 accept
                    meta l4proto icmp icmp type echo-request counter packets 1210 bytes 78447 accept
                    udp sport 67 udp dport 68 counter packets 4 bytes 1356 accept
                    counter packets 15579 bytes 743314 jump ufw-not-local
                    ip daddr 224.0.0.251 udp dport 5353 counter packets 0 bytes 0 accept
                    ip daddr 239.255.255.250 udp dport 1900 counter packets 0 bytes 0 accept
                    counter packets 15579 bytes 743314 jump ufw-user-input
            }
    
            chain ufw-before-output {
                    oifname "lo" counter packets 473875 bytes 32211451 accept
                    ct state related,established counter packets 34848 bytes 6022071 accept
                    counter packets 3505 bytes 292211 jump ufw-user-output
            }
    
            chain ufw-before-forward {
                    ct state related,established counter packets 0 bytes 0 accept
                    meta l4proto icmp icmp type destination-unreachable counter packets 0 bytes 0 accept
                    meta l4proto icmp icmp type time-exceeded counter packets 0 bytes 0 accept
                    meta l4proto icmp icmp type parameter-problem counter packets 0 bytes 0 accept
                    meta l4proto icmp icmp type echo-request counter packets 0 bytes 0 accept
                    counter packets 0 bytes 0 jump ufw-user-forward
            }
    
            chain ufw-after-input {
                    udp dport 137 counter packets 0 bytes 0 jump ufw-skip-to-policy-input
                    udp dport 138 counter packets 0 bytes 0 jump ufw-skip-to-policy-input
                    tcp dport 139 counter packets 23 bytes 1140 jump ufw-skip-to-policy-input
                    tcp dport 445 counter packets 725 bytes 37076 jump ufw-skip-to-policy-input
                    udp dport 67 counter packets 0 bytes 0 jump ufw-skip-to-policy-input
                    udp dport 68 counter packets 0 bytes 0 jump ufw-skip-to-policy-input
                    fib daddr type broadcast counter packets 0 bytes 0 jump ufw-skip-to-policy-input
            }
    
            chain ufw-after-output {
            }
    
            chain ufw-after-forward {
            }
    
            chain ufw-after-logging-input {
                    limit rate 3/minute burst 10 packets counter packets 4507 bytes 208635 log prefix "[UFW BLOCK] "
            }
    
            chain ufw-after-logging-output {
            }
    
            chain ufw-after-logging-forward {
                    limit rate 3/minute burst 10 packets counter packets 0 bytes 0 log prefix "[UFW BLOCK] "
            }
    
            chain ufw-reject-input {
            }
    
            chain ufw-reject-output {
            }
    
            chain ufw-reject-forward {
            }
    
            chain ufw-track-input {
            }
    
            chain ufw-track-output {
                    meta l4proto tcp ct state new counter packets 801 bytes 74620 accept
                    meta l4proto udp ct state new counter packets 2376 bytes 198227 accept
            }
    
            chain ufw-track-forward {
            }
    
            chain INPUT {
                    type filter hook input priority filter; policy drop;
                    meta l4proto tcp tcp dport 22 counter packets 26512 bytes 2739396 jump f2b-sshd
                    counter packets 522046 bytes 108914961 jump ufw-before-logging-input
                    counter packets 522046 bytes 108914961 jump ufw-before-input
                    counter packets 14515 bytes 683302 jump ufw-after-input
                    counter packets 13767 bytes 645086 jump ufw-after-logging-input
                    counter packets 13767 bytes 645086 jump ufw-reject-input
                    counter packets 13767 bytes 645086 jump ufw-track-input
            }
    
            chain OUTPUT {
                    type filter hook output priority filter; policy accept;
                    counter packets 512228 bytes 38525733 jump ufw-before-logging-output
                    counter packets 512228 bytes 38525733 jump ufw-before-output
                    counter packets 3505 bytes 292211 jump ufw-after-output
                    counter packets 3505 bytes 292211 jump ufw-after-logging-output
                    counter packets 3505 bytes 292211 jump ufw-reject-output
                    counter packets 3505 bytes 292211 jump ufw-track-output
            }
    
            chain FORWARD {
                    type filter hook forward priority filter; policy drop;
                    counter packets 0 bytes 0 jump ufw-before-logging-forward
                    counter packets 0 bytes 0 jump ufw-before-forward
                    counter packets 0 bytes 0 jump ufw-after-forward
                    counter packets 0 bytes 0 jump ufw-after-logging-forward
                    counter packets 0 bytes 0 jump ufw-reject-forward
                    counter packets 0 bytes 0 jump ufw-track-forward
            }
    
            chain ufw-logging-deny {
                    ct state invalid limit rate 3/minute burst 10 packets counter packets 493 bytes 211592 return
                    limit rate 3/minute burst 10 packets counter packets 18 bytes 9562 log prefix "[UFW BLOCK] "
            }
    
            chain ufw-logging-allow {
                    limit rate 3/minute burst 10 packets counter packets 0 bytes 0 log prefix "[UFW ALLOW] "
            }
    
            chain ufw-skip-to-policy-input {
                    counter packets 748 bytes 38216 drop
            }
    
            chain ufw-skip-to-policy-output {
                    counter packets 0 bytes 0 accept
            }
    
            chain ufw-skip-to-policy-forward {
                    counter packets 0 bytes 0 drop
            }
    
            chain ufw-not-local {
                    fib daddr type local counter packets 15579 bytes 743314 return
                    fib daddr type multicast counter packets 0 bytes 0 return
                    fib daddr type broadcast counter packets 0 bytes 0 return
                    limit rate 3/minute burst 10 packets counter packets 0 bytes 0 jump ufw-logging-deny
                    counter packets 0 bytes 0 drop
            }
    
            chain ufw-user-input {
                    tcp dport 22 counter packets 1064 bytes 60012 accept
            }
    
            chain ufw-user-output {
            }
    
            chain ufw-user-forward {
            }
    
            chain ufw-user-logging-input {
            }
    
            chain ufw-user-logging-output {
            }
    
            chain ufw-user-logging-forward {
            }
    
            chain ufw-user-limit {
                    limit rate 3/minute counter packets 0 bytes 0 log prefix "[UFW LIMIT BLOCK] "
                    counter packets 0 bytes 0 reject
            }
    
            chain ufw-user-limit-accept {
                    counter packets 0 bytes 0 accept
            }
    
            chain f2b-sshd {
                    ip saddr 150.241.115.204 counter packets 49 bytes 4148 reject
                    ip saddr 218.92.0.198 counter packets 19 bytes 1664 reject
                    ip saddr 218.92.0.219 counter packets 20 bytes 1824 reject
                    ip saddr 218.92.0.246 counter packets 31 bytes 2252 reject
                    counter packets 20747 bytes 2277982 return
            }
    }
    
    
     
  12. yasine

    yasine Member

    Status firewalld
    Code:
    root@host:~# nft list ruleset
    # Warning: table ip filter is managed by iptables-nft, do not touch!
    table ip filter {
            chain ufw-before-logging-input {
            }
    
            chain ufw-before-logging-output {
            }
    
            chain ufw-before-logging-forward {
            }
    
            chain ufw-before-input {
                    iifname "lo" counter packets 473875 bytes 32211451 accept
                    ct state related,established counter packets 30856 bytes 75652847 accept
                    ct state invalid counter packets 522 bytes 227546 jump ufw-logging-deny
                    ct state invalid counter packets 522 bytes 227546 drop
                    meta l4proto icmp icmp type destination-unreachable counter packets 0 bytes 0 accept
                    meta l4proto icmp icmp type time-exceeded counter packets 0 bytes 0 accept
                    meta l4proto icmp icmp type parameter-problem counter packets 0 bytes 0 accept
                    meta l4proto icmp icmp type echo-request counter packets 1210 bytes 78447 accept
                    udp sport 67 udp dport 68 counter packets 4 bytes 1356 accept
                    counter packets 15579 bytes 743314 jump ufw-not-local
                    ip daddr 224.0.0.251 udp dport 5353 counter packets 0 bytes 0 accept
                    ip daddr 239.255.255.250 udp dport 1900 counter packets 0 bytes 0 accept
                    counter packets 15579 bytes 743314 jump ufw-user-input
            }
    
            chain ufw-before-output {
                    oifname "lo" counter packets 473875 bytes 32211451 accept
                    ct state related,established counter packets 34848 bytes 6022071 accept
                    counter packets 3505 bytes 292211 jump ufw-user-output
            }
    
            chain ufw-before-forward {
                    ct state related,established counter packets 0 bytes 0 accept
                    meta l4proto icmp icmp type destination-unreachable counter packets 0 bytes 0 accept
                    meta l4proto icmp icmp type time-exceeded counter packets 0 bytes 0 accept
                    meta l4proto icmp icmp type parameter-problem counter packets 0 bytes 0 accept
                    meta l4proto icmp icmp type echo-request counter packets 0 bytes 0 accept
                    counter packets 0 bytes 0 jump ufw-user-forward
            }
    
            chain ufw-after-input {
                    udp dport 137 counter packets 0 bytes 0 jump ufw-skip-to-policy-input
                    udp dport 138 counter packets 0 bytes 0 jump ufw-skip-to-policy-input
                    tcp dport 139 counter packets 23 bytes 1140 jump ufw-skip-to-policy-input
                    tcp dport 445 counter packets 725 bytes 37076 jump ufw-skip-to-policy-input
                    udp dport 67 counter packets 0 bytes 0 jump ufw-skip-to-policy-input
                    udp dport 68 counter packets 0 bytes 0 jump ufw-skip-to-policy-input
                    fib daddr type broadcast counter packets 0 bytes 0 jump ufw-skip-to-policy-input
            }
    
            chain ufw-after-output {
            }
    
            chain ufw-after-forward {
            }
    
            chain ufw-after-logging-input {
                    limit rate 3/minute burst 10 packets counter packets 4507 bytes 208635 log prefix "[UFW BLOCK] "
            }
    
            chain ufw-after-logging-output {
            }
    
            chain ufw-after-logging-forward {
                    limit rate 3/minute burst 10 packets counter packets 0 bytes 0 log prefix "[UFW BLOCK] "
            }
    
            chain ufw-reject-input {
            }
    
            chain ufw-reject-output {
            }
    
            chain ufw-reject-forward {
            }
    
            chain ufw-track-input {
            }
    
            chain ufw-track-output {
                    meta l4proto tcp ct state new counter packets 801 bytes 74620 accept
                    meta l4proto udp ct state new counter packets 2376 bytes 198227 accept
            }
    
            chain ufw-track-forward {
            }
    
            chain INPUT {
                    type filter hook input priority filter; policy drop;
                    meta l4proto tcp tcp dport 22 counter packets 26512 bytes 2739396 jump f2b-sshd
                    counter packets 522046 bytes 108914961 jump ufw-before-logging-input
                    counter packets 522046 bytes 108914961 jump ufw-before-input
                    counter packets 14515 bytes 683302 jump ufw-after-input
                    counter packets 13767 bytes 645086 jump ufw-after-logging-input
                    counter packets 13767 bytes 645086 jump ufw-reject-input
                    counter packets 13767 bytes 645086 jump ufw-track-input
            }
    
            chain OUTPUT {
                    type filter hook output priority filter; policy accept;
                    counter packets 512228 bytes 38525733 jump ufw-before-logging-output
                    counter packets 512228 bytes 38525733 jump ufw-before-output
                    counter packets 3505 bytes 292211 jump ufw-after-output
                    counter packets 3505 bytes 292211 jump ufw-after-logging-output
                    counter packets 3505 bytes 292211 jump ufw-reject-output
                    counter packets 3505 bytes 292211 jump ufw-track-output
            }
    
            chain FORWARD {
                    type filter hook forward priority filter; policy drop;
                    counter packets 0 bytes 0 jump ufw-before-logging-forward
                    counter packets 0 bytes 0 jump ufw-before-forward
                    counter packets 0 bytes 0 jump ufw-after-forward
                    counter packets 0 bytes 0 jump ufw-after-logging-forward
                    counter packets 0 bytes 0 jump ufw-reject-forward
                    counter packets 0 bytes 0 jump ufw-track-forward
            }
    
            chain ufw-logging-deny {
                    ct state invalid limit rate 3/minute burst 10 packets counter packets 493 bytes 211592 return
                    limit rate 3/minute burst 10 packets counter packets 18 bytes 9562 log prefix "[UFW BLOCK] "
            }
    
            chain ufw-logging-allow {
                    limit rate 3/minute burst 10 packets counter packets 0 bytes 0 log prefix "[UFW ALLOW] "
            }
    
            chain ufw-skip-to-policy-input {
                    counter packets 748 bytes 38216 drop
            }
    
            chain ufw-skip-to-policy-output {
                    counter packets 0 bytes 0 accept
            }
    
            chain ufw-skip-to-policy-forward {
                    counter packets 0 bytes 0 drop
            }
    
            chain ufw-not-local {
                    fib daddr type local counter packets 15579 bytes 743314 return
                    fib daddr type multicast counter packets 0 bytes 0 return
                    fib daddr type broadcast counter packets 0 bytes 0 return
                    limit rate 3/minute burst 10 packets counter packets 0 bytes 0 jump ufw-logging-deny
                    counter packets 0 bytes 0 drop
            }
    
            chain ufw-user-input {
                    tcp dport 22 counter packets 1064 bytes 60012 accept
            }
    
            chain ufw-user-output {
            }
    
            chain ufw-user-forward {
            }
    
            chain ufw-user-logging-input {
            }
    
            chain ufw-user-logging-output {
            }
    
            chain ufw-user-logging-forward {
            }
    
            chain ufw-user-limit {
                    limit rate 3/minute counter packets 0 bytes 0 log prefix "[UFW LIMIT BLOCK] "
                    counter packets 0 bytes 0 reject
            }
    
            chain ufw-user-limit-accept {
                    counter packets 0 bytes 0 accept
            }
    
            chain f2b-sshd {
                    ip saddr 150.241.115.204 counter packets 49 bytes 4148 reject
                    ip saddr 218.92.0.198 counter packets 19 bytes 1664 reject
                    ip saddr 218.92.0.219 counter packets 20 bytes 1824 reject
                    ip saddr 218.92.0.246 counter packets 31 bytes 2252 reject
                    counter packets 20747 bytes 2277982 return
            }
    }
    # Warning: table ip6 filter is managed by iptables-nft, do not touch!
    table ip6 filter {
            chain ufw6-before-logging-input {
            }
    
            chain ufw6-before-logging-output {
            }
    
            chain ufw6-before-logging-forward {
            }
    
            chain ufw6-before-input {
                    iifname "lo" counter packets 12352 bytes 1405795 accept
                    rt type 0 counter packets 0 bytes 0 drop
                    ct state related,established counter packets 39243 bytes 421604488 accept
                    meta l4proto ipv6-icmp icmpv6 type echo-reply counter packets 0 bytes 0 accept
                    ct state invalid counter packets 0 bytes 0 jump ufw6-logging-deny
                    ct state invalid counter packets 0 bytes 0 drop
                    meta l4proto ipv6-icmp icmpv6 type destination-unreachable counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp icmpv6 type packet-too-big counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp icmpv6 type time-exceeded counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp icmpv6 type parameter-problem counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp icmpv6 type echo-request counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp icmpv6 type nd-router-solicit ip6 hoplimit 255 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp icmpv6 type nd-router-advert ip6 hoplimit 255 counter packets 3000 bytes 288000 accept
                    meta l4proto ipv6-icmp icmpv6 type nd-neighbor-solicit ip6 hoplimit 255 counter packets 1346 bytes 96912 accept
                    meta l4proto ipv6-icmp icmpv6 type nd-neighbor-advert ip6 hoplimit 255 counter packets 1512 bytes 96768 accept
                    meta l4proto ipv6-icmp xt match icmp6 ip6 hoplimit 255 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp xt match icmp6 ip6 hoplimit 255 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp ip6 saddr fe80::/10 xt match icmp6 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp ip6 saddr fe80::/10 xt match icmp6 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp ip6 saddr fe80::/10 xt match icmp6 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp ip6 saddr fe80::/10 xt match icmp6 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp xt match icmp6 ip6 hoplimit 255 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp xt match icmp6 ip6 hoplimit 255 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp ip6 saddr fe80::/10 xt match icmp6 ip6 hoplimit 1 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp ip6 saddr fe80::/10 xt match icmp6 ip6 hoplimit 1 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp ip6 saddr fe80::/10 xt match icmp6 ip6 hoplimit 1 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp xt match icmp6 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp xt match icmp6 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp xt match icmp6 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp xt match icmp6 counter packets 0 bytes 0 accept
                    ip6 saddr fe80::/10 ip6 daddr fe80::/10 udp sport 547 udp dport 546 counter packets 0 bytes 0 accept
                    ip6 daddr ff02::fb udp dport 5353 counter packets 0 bytes 0 accept
                    ip6 daddr ff02::f udp dport 1900 counter packets 0 bytes 0 accept
                    counter packets 0 bytes 0 jump ufw6-user-input
            }
    
            chain ufw6-before-output {
                    oifname "lo" counter packets 12352 bytes 1405795 accept
                    rt type 0 counter packets 0 bytes 0 drop
                    ct state related,established counter packets 22756 bytes 1866865 accept
                    meta l4proto ipv6-icmp icmpv6 type destination-unreachable counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp icmpv6 type packet-too-big counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp icmpv6 type time-exceeded counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp icmpv6 type parameter-problem counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp icmpv6 type echo-request counter packets 2 bytes 208 accept
                    meta l4proto ipv6-icmp icmpv6 type echo-reply counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp icmpv6 type nd-router-solicit ip6 hoplimit 255 counter packets 37 bytes 2072 accept
                    meta l4proto ipv6-icmp icmpv6 type nd-neighbor-advert ip6 hoplimit 255 counter packets 1334 bytes 96040 accept
                    meta l4proto ipv6-icmp icmpv6 type nd-neighbor-solicit ip6 hoplimit 255 counter packets 1519 bytes 109368 accept
                    meta l4proto ipv6-icmp icmpv6 type nd-router-advert ip6 hoplimit 255 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp xt match icmp6 ip6 hoplimit 255 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp xt match icmp6 ip6 hoplimit 255 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp ip6 saddr fe80::/10 xt match icmp6 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp ip6 saddr fe80::/10 xt match icmp6 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp ip6 saddr fe80::/10 xt match icmp6 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp ip6 saddr fe80::/10 xt match icmp6 counter packets 8 bytes 648 accept
                    meta l4proto ipv6-icmp xt match icmp6 ip6 hoplimit 255 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp xt match icmp6 ip6 hoplimit 255 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp ip6 saddr fe80::/10 xt match icmp6 ip6 hoplimit 1 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp ip6 saddr fe80::/10 xt match icmp6 ip6 hoplimit 1 counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp ip6 saddr fe80::/10 xt match icmp6 ip6 hoplimit 1 counter packets 0 bytes 0 accept
                    counter packets 7105 bytes 750237 jump ufw6-user-output
            }
    
            chain ufw6-before-forward {
                    rt type 0 counter packets 0 bytes 0 drop
                    ct state related,established counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp icmpv6 type destination-unreachable counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp icmpv6 type packet-too-big counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp icmpv6 type time-exceeded counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp icmpv6 type parameter-problem counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp icmpv6 type echo-request counter packets 0 bytes 0 accept
                    meta l4proto ipv6-icmp icmpv6 type echo-reply counter packets 0 bytes 0 accept
                    counter packets 0 bytes 0 jump ufw6-user-forward
            }
    
            chain ufw6-after-input {
                    udp dport 137 counter packets 0 bytes 0 jump ufw6-skip-to-policy-input
                    udp dport 138 counter packets 0 bytes 0 jump ufw6-skip-to-policy-input
                    tcp dport 139 counter packets 0 bytes 0 jump ufw6-skip-to-policy-input
                    tcp dport 445 counter packets 0 bytes 0 jump ufw6-skip-to-policy-input
                    udp dport 546 counter packets 0 bytes 0 jump ufw6-skip-to-policy-input
                    udp dport 547 counter packets 0 bytes 0 jump ufw6-skip-to-policy-input
            }
    
            chain ufw6-after-output {
            }
    
            chain ufw6-after-forward {
            }
    
            chain ufw6-after-logging-input {
                    limit rate 3/minute burst 10 packets counter packets 0 bytes 0 log prefix "[UFW BLOCK] "
            }
    
            chain ufw6-after-logging-output {
            }
    
            chain ufw6-after-logging-forward {
                    limit rate 3/minute burst 10 packets counter packets 0 bytes 0 log prefix "[UFW BLOCK] "
            }
    
            chain ufw6-reject-input {
            }
    
            chain ufw6-reject-output {
            }
    
            chain ufw6-reject-forward {
            }
    
            chain ufw6-track-input {
            }
    
            chain ufw6-track-output {
                    meta l4proto tcp ct state new counter packets 223 bytes 17840 accept
                    meta l4proto udp ct state new counter packets 6872 bytes 731557 accept
            }
    
            chain ufw6-track-forward {
            }
    
            chain INPUT {
                    type filter hook input priority filter; policy drop;
                    counter packets 57453 bytes 423491963 jump ufw6-before-logging-input
                    counter packets 57453 bytes 423491963 jump ufw6-before-input
                    counter packets 0 bytes 0 jump ufw6-after-input
                    counter packets 0 bytes 0 jump ufw6-after-logging-input
                    counter packets 0 bytes 0 jump ufw6-reject-input
                    counter packets 0 bytes 0 jump ufw6-track-input
            }
    
            chain OUTPUT {
                    type filter hook output priority filter; policy accept;
                    counter packets 45113 bytes 4231233 jump ufw6-before-logging-output
                    counter packets 45113 bytes 4231233 jump ufw6-before-output
                    counter packets 7105 bytes 750237 jump ufw6-after-output
                    counter packets 7105 bytes 750237 jump ufw6-after-logging-output
                    counter packets 7105 bytes 750237 jump ufw6-reject-output
                    counter packets 7105 bytes 750237 jump ufw6-track-output
            }
    
            chain FORWARD {
                    type filter hook forward priority filter; policy drop;
                    counter packets 0 bytes 0 jump ufw6-before-logging-forward
                    counter packets 0 bytes 0 jump ufw6-before-forward
                    counter packets 0 bytes 0 jump ufw6-after-forward
                    counter packets 0 bytes 0 jump ufw6-after-logging-forward
                    counter packets 0 bytes 0 jump ufw6-reject-forward
                    counter packets 0 bytes 0 jump ufw6-track-forward
            }
    
            chain ufw6-logging-deny {
                    ct state invalid limit rate 3/minute burst 10 packets counter packets 0 bytes 0 return
                    limit rate 3/minute burst 10 packets counter packets 0 bytes 0 log prefix "[UFW BLOCK] "
            }
    
            chain ufw6-logging-allow {
                    limit rate 3/minute burst 10 packets counter packets 0 bytes 0 log prefix "[UFW ALLOW] "
            }
    
            chain ufw6-skip-to-policy-input {
                    counter packets 0 bytes 0 drop
            }
    
            chain ufw6-skip-to-policy-output {
                    counter packets 0 bytes 0 accept
            }
    
            chain ufw6-skip-to-policy-forward {
                    counter packets 0 bytes 0 drop
            }
    
            chain ufw6-user-input {
                    tcp dport 22 counter packets 0 bytes 0 accept
            }
    
            chain ufw6-user-output {
            }
    
            chain ufw6-user-forward {
            }
    
            chain ufw6-user-logging-input {
            }
    
            chain ufw6-user-logging-output {
            }
    
            chain ufw6-user-logging-forward {
            }
    
            chain ufw6-user-limit {
                    limit rate 3/minute counter packets 0 bytes 0 log prefix "[UFW LIMIT BLOCK] "
                    counter packets 0 bytes 0 reject
            }
    
            chain ufw6-user-limit-accept {
                    counter packets 0 bytes 0 accept
            }
    }
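The ruleset posted above can be checked mechanically for the inbound TCP ports it explicitly accepts. This is an added example, not part of the original post and not ufw or ISPConfig code: it parses `nft list ruleset` text, follows jumps from each input hook chain, and reports whether the given ports have an explicit accept rule. The sample is abridged from the post, the function names are hypothetical, and the handling of port sets and ranges goes beyond what the posted ruleset contains.

```python
import re

# Constructed sample: abridged from the `nft list ruleset` output posted above
# (most chains and rules omitted).
SAMPLE_RULESET = """\
table ip filter {
        chain ufw-before-input {
                iifname "lo" counter packets 473875 bytes 32211451 accept
                ct state related,established counter packets 30856 bytes 75652847 accept
                counter packets 15579 bytes 743314 jump ufw-user-input
        }
        chain INPUT {
                type filter hook input priority filter; policy drop;
                counter packets 522046 bytes 108914961 jump ufw-before-input
        }
        chain ufw-user-input {
                tcp dport 22 counter packets 1064 bytes 60012 accept
        }
}
table ip6 filter {
        chain INPUT {
                type filter hook input priority filter; policy drop;
                counter packets 57453 bytes 423491963 jump ufw6-before-input
        }
        chain ufw6-before-input {
                counter packets 0 bytes 0 jump ufw6-user-input
        }
        chain ufw6-user-input {
                tcp dport 22 counter packets 0 bytes 0 accept
        }
}
"""

TABLE_RE = re.compile(r"^table\s+(\S+)\s+(\S+)\s*\{")
CHAIN_RE = re.compile(r"^chain\s+(\S+)\s*\{")
HOOK_RE = re.compile(r"hook\s+(\w+)\b(?:.*?policy\s+(\w+))?")
DPORT_RE = re.compile(r"\btcp dport\s+(\{[^}]*\}|\S+)")
JUMP_RE = re.compile(r"\b(?:jump|goto)\s+(\S+)$")

def parse_ruleset(text):
    """Return {"family table": {chain: {"hook", "policy", "rules"}}}."""
    tables, table, chain = {}, None, None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or line.startswith("#"):
            continue
        if m := TABLE_RE.match(line):
            table, chain = tables.setdefault(f"{m[1]} {m[2]}", {}), None
        elif (m := CHAIN_RE.match(line)) and table is not None:
            chain = table.setdefault(m[1], {"hook": None, "policy": None, "rules": []})
        elif line == "}":
            # A lone brace closes the chain if one is open, otherwise the table.
            table, chain = (table, None) if chain is not None else (None, None)
        elif chain is not None and line.startswith("type "):
            m = HOOK_RE.search(line)
            if m:  # base chain declaration; nft's default policy is accept
                chain["hook"], chain["policy"] = m[1], m[2] or "accept"
        elif chain is not None:
            chain["rules"].append(line)
    return tables

def expand_ports(expr):
    """Expand '22', '{ 80, 443 }' or '8000-8080'; service names are skipped."""
    ports = set()
    for part in expr.strip("{} ").split(","):
        lo, _, hi = part.strip().partition("-")
        if lo.isdigit() and (hi.isdigit() or not hi):
            ports.update(range(int(lo), int(hi or lo) + 1))
    return ports

def accepted_tcp_ports(chains, name, seen=None):
    """Ports with an explicit `tcp dport ... accept` rule reachable from `name`."""
    # Simplification: accept rules without a dport match (loopback, established)
    # and any source-address restriction or earlier drop are not evaluated.
    seen = set() if seen is None else seen
    if name in seen or name not in chains:
        return set()
    seen.add(name)
    ports = set()
    for rule in chains[name]["rules"]:
        dport, jump = DPORT_RE.search(rule), JUMP_RE.search(rule)
        if dport and rule.endswith(" accept"):
            ports |= expand_ports(dport[1])
        elif jump:
            ports |= accepted_tcp_ports(chains, jump[1], seen)
    return ports

def inbound_tcp_report(text, wanted_ports):
    """{table: {port: True | False | None}}; None means policy is not drop."""
    report = {}
    for table, chains in parse_ruleset(text).items():
        for name, chain in chains.items():
            if chain["hook"] != "input":
                continue
            if chain["policy"] != "drop":
                report[table] = dict.fromkeys(wanted_ports)
            else:
                allowed = accepted_tcp_ports(chains, name)
                report[table] = {p: p in allowed for p in wanted_ports}
    return report
```

Calling `inbound_tcp_report(SAMPLE_RULESET, [22, 443, 8080])` returns one entry per table; save the output of `nft list ruleset` to a file and pass its contents to check a live host.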
    
     
  13. yasine

    yasine Member

    Open ports:
    Code:
    root@host:~# ss -tuln
    Netid   State     Recv-Q    Send-Q                              Local Address:Port        Peer Address:Port   Process
    udp     UNCONN    0         0                                     10.12.112.3:53               0.0.0.0:*
    udp     UNCONN    0         0                                     10.12.112.3:53               0.0.0.0:*
    udp     UNCONN    0         0                                     10.12.112.3:53               0.0.0.0:*
    udp     UNCONN    0         0                                     10.12.112.3:53               0.0.0.0:*
    udp     UNCONN    0         0                                     10.12.112.3:53               0.0.0.0:*
    udp     UNCONN    0         0                                     10.12.112.3:53               0.0.0.0:*
    udp     UNCONN    0         0                                     10.12.112.3:53               0.0.0.0:*
    udp     UNCONN    0         0                                     10.12.112.3:53               0.0.0.0:*
    udp     UNCONN    0         0                                     10.12.112.3:53               0.0.0.0:*
    udp     UNCONN    0         0                                     10.12.112.3:53               0.0.0.0:*
    udp     UNCONN    0         0                                     10.12.112.3:53               0.0.0.0:*
    udp     UNCONN    0         0                                     10.12.112.3:53               0.0.0.0:*
    udp     UNCONN    0         0                                   45.77.189.250:53               0.0.0.0:*
    udp     UNCONN    0         0                                   45.77.189.250:53               0.0.0.0:*
    udp     UNCONN    0         0                                   45.77.189.250:53               0.0.0.0:*
    udp     UNCONN    0         0                                   45.77.189.250:53               0.0.0.0:*
    udp     UNCONN    0         0                                   45.77.189.250:53               0.0.0.0:*
    udp     UNCONN    0         0                                   45.77.189.250:53               0.0.0.0:*
    udp     UNCONN    0         0                                   45.77.189.250:53               0.0.0.0:*
    udp     UNCONN    0         0                                   45.77.189.250:53               0.0.0.0:*
    udp     UNCONN    0         0                                   45.77.189.250:53               0.0.0.0:*
    udp     UNCONN    0         0                                   45.77.189.250:53               0.0.0.0:*
    udp     UNCONN    0         0                                   45.77.189.250:53               0.0.0.0:*
    udp     UNCONN    0         0                                   45.77.189.250:53               0.0.0.0:*
    udp     UNCONN    0         0                                       127.0.0.1:53               0.0.0.0:*
    udp     UNCONN    0         0                                       127.0.0.1:53               0.0.0.0:*
    udp     UNCONN    0         0                                       127.0.0.1:53               0.0.0.0:*
    udp     UNCONN    0         0                                       127.0.0.1:53               0.0.0.0:*
    udp     UNCONN    0         0                                       127.0.0.1:53               0.0.0.0:*
    udp     UNCONN    0         0                                       127.0.0.1:53               0.0.0.0:*
    udp     UNCONN    0         0                                       127.0.0.1:53               0.0.0.0:*
    udp     UNCONN    0         0                                       127.0.0.1:53               0.0.0.0:*
    udp     UNCONN    0         0                                       127.0.0.1:53               0.0.0.0:*
    udp     UNCONN    0         0                                       127.0.0.1:53               0.0.0.0:*
    udp     UNCONN    0         0                                       127.0.0.1:53               0.0.0.0:*
    udp     UNCONN    0         0                                       127.0.0.1:53               0.0.0.0:*
    udp     UNCONN    0         0                                     10.12.112.3:123              0.0.0.0:*
    udp     UNCONN    0         0                                   45.77.189.250:123              0.0.0.0:*
    udp     UNCONN    0         0                                       127.0.0.1:123              0.0.0.0:*
    udp     UNCONN    0         0                                         0.0.0.0:123              0.0.0.0:*
    udp     UNCONN    0         0                                           [::1]:53                  [::]:*
    udp     UNCONN    0         0                                           [::1]:53                  [::]:*
    udp     UNCONN    0         0                                           [::1]:53                  [::]:*
    udp     UNCONN    0         0                                           [::1]:53                  [::]:*
    udp     UNCONN    0         0                                           [::1]:53                  [::]:*
    udp     UNCONN    0         0                                           [::1]:53                  [::]:*
    udp     UNCONN    0         0                                           [::1]:53                  [::]:*
    udp     UNCONN    0         0                                           [::1]:53                  [::]:*
    udp     UNCONN    0         0                                           [::1]:53                  [::]:*
    udp     UNCONN    0         0                                           [::1]:53                  [::]:*
    udp     UNCONN    0         0                                           [::1]:53                  [::]:*
    udp     UNCONN    0         0                                           [::1]:53                  [::]:*
    udp     UNCONN    0         0                                           [::1]:123                 [::]:*
    udp     UNCONN    0         0                                            [::]:123                 [::]:*
    tcp     LISTEN    0         10                                    10.12.112.3:53               0.0.0.0:*
    tcp     LISTEN    0         10                                    10.12.112.3:53               0.0.0.0:*
    tcp     LISTEN    0         10                                    10.12.112.3:53               0.0.0.0:*
    tcp     LISTEN    0         10                                    10.12.112.3:53               0.0.0.0:*
    tcp     LISTEN    0         10                                    10.12.112.3:53               0.0.0.0:*
    tcp     LISTEN    0         10                                    10.12.112.3:53               0.0.0.0:*
    tcp     LISTEN    0         10                                    10.12.112.3:53               0.0.0.0:*
    tcp     LISTEN    0         10                                    10.12.112.3:53               0.0.0.0:*
    tcp     LISTEN    0         10                                    10.12.112.3:53               0.0.0.0:*
    tcp     LISTEN    0         10                                    10.12.112.3:53               0.0.0.0:*
    tcp     LISTEN    0         10                                    10.12.112.3:53               0.0.0.0:*
    tcp     LISTEN    0         10                                    10.12.112.3:53               0.0.0.0:*
    tcp     LISTEN    0         5                                       127.0.0.1:953              0.0.0.0:*
    tcp     LISTEN    0         5                                       127.0.0.1:953              0.0.0.0:*
    tcp     LISTEN    0         5                                       127.0.0.1:953              0.0.0.0:*
    tcp     LISTEN    0         5                                       127.0.0.1:953              0.0.0.0:*
    tcp     LISTEN    0         5                                       127.0.0.1:953              0.0.0.0:*
    tcp     LISTEN    0         5                                       127.0.0.1:953              0.0.0.0:*
    tcp     LISTEN    0         5                                       127.0.0.1:953              0.0.0.0:*
    tcp     LISTEN    0         5                                       127.0.0.1:953              0.0.0.0:*
    tcp     LISTEN    0         5                                       127.0.0.1:953              0.0.0.0:*
    tcp     LISTEN    0         5                                       127.0.0.1:953              0.0.0.0:*
    tcp     LISTEN    0         5                                       127.0.0.1:953              0.0.0.0:*
    tcp     LISTEN    0         5                                       127.0.0.1:953              0.0.0.0:*
    tcp     LISTEN    0         10                                      127.0.0.1:53               0.0.0.0:*
    tcp     LISTEN    0         10                                      127.0.0.1:53               0.0.0.0:*
    tcp     LISTEN    0         10                                      127.0.0.1:53               0.0.0.0:*
    tcp     LISTEN    0         10                                      127.0.0.1:53               0.0.0.0:*
    tcp     LISTEN    0         10                                      127.0.0.1:53               0.0.0.0:*
    tcp     LISTEN    0         10                                      127.0.0.1:53               0.0.0.0:*
    tcp     LISTEN    0         10                                      127.0.0.1:53               0.0.0.0:*
    tcp     LISTEN    0         10                                      127.0.0.1:53               0.0.0.0:*
    tcp     LISTEN    0         10                                      127.0.0.1:53               0.0.0.0:*
    tcp     LISTEN    0         10                                      127.0.0.1:53               0.0.0.0:*
    tcp     LISTEN    0         10                                      127.0.0.1:53               0.0.0.0:*
    tcp     LISTEN    0         10                                      127.0.0.1:53               0.0.0.0:*
    tcp     LISTEN    0         511                                     127.0.0.1:6379             0.0.0.0:*
    tcp     LISTEN    0         1024                                    127.0.0.1:11211            0.0.0.0:*
    tcp     LISTEN    0         100                                       0.0.0.0:4190             0.0.0.0:*
    tcp     LISTEN    0         4096                                    127.0.0.1:11333            0.0.0.0:*
    tcp     LISTEN    0         4096                                    127.0.0.1:11332            0.0.0.0:*
    tcp     LISTEN    0         4096                                    127.0.0.1:11334            0.0.0.0:*
    tcp     LISTEN    0         10                                  45.77.189.250:53               0.0.0.0:*
    tcp     LISTEN    0         10                                  45.77.189.250:53               0.0.0.0:*
    tcp     LISTEN    0         10                                  45.77.189.250:53               0.0.0.0:*
    tcp     LISTEN    0         10                                  45.77.189.250:53               0.0.0.0:*
    tcp     LISTEN    0         10                                  45.77.189.250:53               0.0.0.0:*
    tcp     LISTEN    0         10                                  45.77.189.250:53               0.0.0.0:*
    tcp     LISTEN    0         10                                  45.77.189.250:53               0.0.0.0:*
    tcp     LISTEN    0         10                                  45.77.189.250:53               0.0.0.0:*
    tcp     LISTEN    0         10                                  45.77.189.250:53               0.0.0.0:*
    tcp     LISTEN    0         10                                  45.77.189.250:53               0.0.0.0:*
    tcp     LISTEN    0         10                                  45.77.189.250:53               0.0.0.0:*
    tcp     LISTEN    0         10                                  45.77.189.250:53               0.0.0.0:*
    tcp     LISTEN    0         511                                       0.0.0.0:8081             0.0.0.0:*
    tcp     LISTEN    0         511                                       0.0.0.0:8080             0.0.0.0:*
    tcp     LISTEN    0         4096                                    127.0.0.1:10023            0.0.0.0:*
    tcp     LISTEN    0         512                                       0.0.0.0:993              0.0.0.0:*
    tcp     LISTEN    0         100                                       0.0.0.0:995              0.0.0.0:*
    tcp     LISTEN    0         100                                       0.0.0.0:587              0.0.0.0:*
    tcp     LISTEN    0         100                                       0.0.0.0:465              0.0.0.0:*
    tcp     LISTEN    0         512                                       0.0.0.0:143              0.0.0.0:*
    tcp     LISTEN    0         9                                         0.0.0.0:21               0.0.0.0:*
    tcp     LISTEN    0         128                                       0.0.0.0:22               0.0.0.0:*
    tcp     LISTEN    0         100                                       0.0.0.0:25               0.0.0.0:*
    tcp     LISTEN    0         511                                       0.0.0.0:80               0.0.0.0:*
    tcp     LISTEN    0         100                                       0.0.0.0:110              0.0.0.0:*
    tcp     LISTEN    0         80                                        0.0.0.0:3306             0.0.0.0:*
    tcp     LISTEN    0         10                                          [::1]:53                  [::]:*
    tcp     LISTEN    0         10                                          [::1]:53                  [::]:*
    tcp     LISTEN    0         10                                          [::1]:53                  [::]:*
    tcp     LISTEN    0         10                                          [::1]:53                  [::]:*
    tcp     LISTEN    0         10                                          [::1]:53                  [::]:*
    tcp     LISTEN    0         10                                          [::1]:53                  [::]:*
    tcp     LISTEN    0         10                                          [::1]:53                  [::]:*
    tcp     LISTEN    0         10                                          [::1]:53                  [::]:*
    tcp     LISTEN    0         10                                          [::1]:53                  [::]:*
    tcp     LISTEN    0         10                                          [::1]:53                  [::]:*
    tcp     LISTEN    0         10                                          [::1]:53                  [::]:*
    tcp     LISTEN    0         10                                          [::1]:53                  [::]:*
    tcp     LISTEN    0         5                                           [::1]:953                 [::]:*
    tcp     LISTEN    0         5                                           [::1]:953                 [::]:*
    tcp     LISTEN    0         5                                           [::1]:953                 [::]:*
    tcp     LISTEN    0         5                                           [::1]:953                 [::]:*
    tcp     LISTEN    0         5                                           [::1]:953                 [::]:*
    tcp     LISTEN    0         5                                           [::1]:953                 [::]:*
    tcp     LISTEN    0         5                                           [::1]:953                 [::]:*
    tcp     LISTEN    0         5                                           [::1]:953                 [::]:*
    tcp     LISTEN    0         5                                           [::1]:953                 [::]:*
    tcp     LISTEN    0         5                                           [::1]:953                 [::]:*
    tcp     LISTEN    0         5                                           [::1]:953                 [::]:*
    tcp     LISTEN    0         5                                           [::1]:953                 [::]:*
    tcp     LISTEN    0         511                                         [::1]:6379                [::]:*
    tcp     LISTEN    0         4096                                        [::1]:10023               [::]:*
    tcp     LISTEN    0         100                                          [::]:4190                [::]:*
    tcp     LISTEN    0         10                         [2001:19f0:ac02:c01::]:53                  [::]:*
    tcp     LISTEN    0         10                         [2001:19f0:ac02:c01::]:53                  [::]:*
    tcp     LISTEN    0         10                         [2001:19f0:ac02:c01::]:53                  [::]:*
    tcp     LISTEN    0         10                         [2001:19f0:ac02:c01::]:53                  [::]:*
    tcp     LISTEN    0         10                         [2001:19f0:ac02:c01::]:53                  [::]:*
    tcp     LISTEN    0         10                         [2001:19f0:ac02:c01::]:53                  [::]:*
    tcp     LISTEN    0         10                         [2001:19f0:ac02:c01::]:53                  [::]:*
    tcp     LISTEN    0         10                         [2001:19f0:ac02:c01::]:53                  [::]:*
    tcp     LISTEN    0         10                         [2001:19f0:ac02:c01::]:53                  [::]:*
    tcp     LISTEN    0         10                         [2001:19f0:ac02:c01::]:53                  [::]:*
    tcp     LISTEN    0         10                         [2001:19f0:ac02:c01::]:53                  [::]:*
    tcp     LISTEN    0         10                         [2001:19f0:ac02:c01::]:53                  [::]:*
    tcp     LISTEN    0         4096                                        [::1]:11334               [::]:*
    tcp     LISTEN    0         4096                                        [::1]:11333               [::]:*
    tcp     LISTEN    0         4096                                        [::1]:11332               [::]:*
    tcp     LISTEN    0         511                                          [::]:8081                [::]:*
    tcp     LISTEN    0         511                                          [::]:8080                [::]:*
    tcp     LISTEN    0         512                                          [::]:993                 [::]:*
    tcp     LISTEN    0         100                                          [::]:995                 [::]:*
    tcp     LISTEN    0         100                                          [::]:587                 [::]:*
    tcp     LISTEN    0         100                                          [::]:465                 [::]:*
    tcp     LISTEN    0         512                                          [::]:143                 [::]:*
    tcp     LISTEN    0         9                                            [::]:21                  [::]:*
    tcp     LISTEN    0         128                                          [::]:22                  [::]:*
    tcp     LISTEN    0         100                                          [::]:25                  [::]:*
    tcp     LISTEN    0         511                                          [::]:80                  [::]:*
    tcp     LISTEN    0         100                                          [::]:110                 [::]:*
    tcp     LISTEN    0         80                                           [::]:3306                [::]:*
    
    As you can see, [::]:8080 for ISPConfig is open, and [::]:8081 for phpMyAdmin is open as well.
     
  14. till

    till Super Moderator Staff Member ISPConfig Developer

    Yes, ISPConfig is working fine. What you posted in #4 already made clear that ISPConfig was working and that there is neither an issue with ISPConfig nor the auto-installer. Your whole issue is that access to the ports is blocked. It seems as if you blocked all ports except port 22 by manually setting rules in UFW or your provider has set such rules. Open the ports you want to access in UFW or shut down UFW for testing.
     
    ahrasis likes this.
  15. ahrasis

    ahrasis Well-Known Member

    As @till said. You may need to open all other relevant ports in here.
     
  16. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    Just to add, whilst you need to open up the other ports in UFW (do this from the ISPConfig GUI), this does not necessarily mean everything will work now. It most likely will, but it's still possible you have another firewall at the edge of your network that is also still blocking access to those ports.
     
    till and ahrasis like this.
  17. till

    till Super Moderator Staff Member ISPConfig Developer

    Also, with the ports closed at install time, you have not received a valid Let's Encrypt certificate for the system. You must run ispconfig_update.sh --force after opening them to create a new SSL certificate.
     
    ahrasis likes this.
  18. ahrasis

    ahrasis Well-Known Member

    Anyway, I think if the bare metal had a clean Debian 12 install, all ports should normally be already opened by ISPConfig AI by default. My only guess is, this was not a clean install.
     
  19. till

    till Super Moderator Staff Member ISPConfig Developer

    Some providers do not provide a clean or standard Debian on their bare metal systems, even if they call it standard or minimal install. They install firewalls and close things up except port 22. The ISPConfig AI does not remove or uninstall any existing software, so it can well be that if the provider has installed or enabled a firewall already, the ports are closed.
     
    ahrasis likes this.
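
Added example, not part of any post in this thread: a shell check for the situation diagnosed above, where services are listening but the host firewall only allows port 22. It assumes a socket listing in the column layout posted above (Netid first, local address in the fifth column) and the text layout of `ufw status`; the sample data and function names are constructed for illustration.

```shell
#!/bin/sh
# Compare listening TCP sockets with UFW ALLOW rules and report ports that
# have a non-loopback listener but no matching ALLOW rule.

# Constructed sample data modelled on the thread (not captured from a real host).
SAMPLE_SS='tcp     LISTEN    0    10      127.0.0.1:53      0.0.0.0:*
tcp     LISTEN    0    511       0.0.0.0:8080    0.0.0.0:*
tcp     LISTEN    0    511       0.0.0.0:80      0.0.0.0:*
tcp     LISTEN    0    128       0.0.0.0:22      0.0.0.0:*
tcp     LISTEN    0    511          [::]:8080       [::]:*
tcp     LISTEN    0    511         [::1]:6379       [::]:*'
SAMPLE_UFW='Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
22/tcp (v6)                ALLOW       Anywhere (v6)'

# exposed_ports LISTING: unique ports bound to a non-loopback address.
exposed_ports() {
    printf '%s\n' "$1" | awk '$1 == "tcp" && $2 == "LISTEN" {
        addr = $5; port = $5
        sub(/:[0-9]+$/, "", addr)   # drop the trailing ":port"
        sub(/^.*:/, "", port)       # keep what follows the last colon
        if (addr ~ /^127\./ || addr == "[::1]") next   # loopback only
        print port
    }' | sort -un
}

# allowed_ports UFW_STATUS: ports with an ALLOW rule written as "N" or "N/tcp".
# Simplification: ranges, comma lists, app profiles and From restrictions are ignored.
allowed_ports() {
    printf '%s\n' "$1" | awk '/ALLOW/ && $1 ~ /^[0-9]+(\/tcp)?$/ {
        sub(/\/tcp$/, "", $1); print $1
    }' | sort -un
}

# blocked_listeners LISTING UFW_STATUS: listening ports that UFW does not allow.
# Prints nothing when UFW is inactive, because it filters nothing in that state.
blocked_listeners() {
    case "$2" in *"Status: inactive"*) return 0 ;; esac
    allowed=" $(allowed_ports "$2" | tr '\n' ' ') "
    for p in $(exposed_ports "$1"); do
        case "$allowed" in *" $p "*) ;; *) printf '%s\n' "$p" ;; esac
    done
}

blocked_listeners "$SAMPLE_SS" "$SAMPLE_UFW"
```

An empty result only clears the host firewall; a provider or edge firewall in front of the server, as mentioned in post 16, has to be checked separately.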
