Page 1 of 1
[solved] I Can´t manage Sabnzbd+ from my home after rebooting
Posted: January 30th, 2010, 6:23 pm
by sadnem
Hi, my issue is that after rebooting i can´t access sabnzbd+ from my home, i´ve tried restarting the /etc/ini.d/sabnzbd+ script several times but it´s still not working, I´m accesing to sabnzbd+ via my.server.ip:port/sabnzbd/ but ff says something like: "The connection timed out" and i don´t know anymore what to do, Any idea?
PS: I know that sabnzbd+ is working because files are being downloaded (i have some rss feeds configured so sab download automatically).
Re: I Can´t manage Sabnzbd+ from my home after rebooting
Posted: January 31st, 2010, 1:58 am
by sander
Which OS are you using exactly? All Ubuntu? On the client too?
Are you trying to access SABnbzd through / behind a NAT device (router/modem)?
On which (local?) IP address is your SAB machine? Use "ifconfig" to get that information. Has the IP address change due to the reboot?
Can you access SAB from another computer on the same LAN?
Re: I Can´t manage Sabnzbd+ from my home after rebooting
Posted: January 31st, 2010, 7:50 am
by sadnem
- I´m using Ubuntu on the server and Winxp on the client
- I don´t think so because before the reboot i could use sab perfectly (in addition, i can tell you that i´m using another apps that require the use of ports and they are running fine)
- The IP adress have not changed because its static.
- If you refer to my lan no, i can´t but if you refer to the server LAN i can´t tell you because the only way i have to access it is through ssh.
Thanks for the support.
Regards, Sadnem.
EDIT: SOme more info (maybe it help) I´ve tried changing the ports to but it´s not working.
Re: I Can´t manage Sabnzbd+ from my home after rebooting
Posted: January 31st, 2010, 10:03 am
by sander
Sorry, I'm lost: there is a LAN, there is a server LAN, there is no NAT, and there is only ssh access?
Maybe you can make a drawing and post it here? Please include IP addresses (from ifconfig) in the drawing.
BTW: have you considered using IPv6? Both on Ubuntu and Windows it's easy to use.
Re: I Can´t manage Sabnzbd+ from my home after rebooting
Posted: January 31st, 2010, 10:17 am
by sadnem
Ifconfig:
Code: Select all
eth0 Link encap:Ethernet HWaddr 00:16:3e:3a:8f:98
inet addr:212.227.54.53 Bcast:212.227.54.53 Mask:255.255.255.255
inet6 addr: fe80::216:3eff:fe3a:8f98/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:39461594 errors:307158 dropped:1247551 overruns:0 frame:0
TX packets:36286072 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:41210567768 (38.3 GB) TX bytes:38177967686 (35.5 GB)
Interrupt:32 Base address:0xa000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:3490564 errors:0 dropped:0 overruns:0 frame:0
TX packets:3490564 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:624183901 (595.2 MB) TX bytes:624183901 (595.2 MB)
sit1 Link encap:IPv6-in-IPv4
inet6 addr: fe80::d4e3:3635/64 Scope:Link
inet6 addr: 2406:a000:f0ff:ffff:8000:0:d4e3:3635/128 Scope:Global
UP POINTOPOINT RUNNING NOARP MTU:1280 Metric:1
RX packets:1828 errors:0 dropped:0 overruns:0 frame:0
TX packets:1837 errors:1 dropped:0 overruns:0 carrier:1
collisions:0 txqueuelen:0
RX bytes:146232 (142.8 KB) TX bytes:183700 (179.3 KB)
sixxs Link encap:IPv6-in-IPv4
inet6 addr: 2a01:198:200:7a5::2/64 Scope:Global
inet6 addr: fe80::d4e3:3635/128 Scope:Link
UP POINTOPOINT RUNNING NOARP MTU:1280 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Sorry, I'm lost: there is a LAN, there is a server LAN, there is no NAT, and there is only ssh access?
I think that you said it correctly although im not sure if theres no NAT :S.
I have ipv6 correctly configured on Ubuntu, but nothing on WinXP No problem for me using it but i have no idea how to do it, it would be very much apreciated if you can help me.
Re: I Can´t manage Sabnzbd+ from my home after rebooting
Posted: January 31st, 2010, 10:49 am
by jcfp
Looks like a remote (virtual, rented) server, so much for the lan or not confusion. Try to find out if and where sab is listening for connections, for example using sudo netstat -ntepl on the server side. You're looking for a python process, with the port of the local address matching that of sabnzbd.
Re: I Can´t manage Sabnzbd+ from my home after rebooting
Posted: January 31st, 2010, 11:09 am
by sander
There's a public IP address on your server, so indeed there's (probably) no NAT.
However, port 8080 is taken by the ISP / hosting provider. So on which port is your SABnbzd running?
Maybe SABnzbd is indeed running on port 8080, which port is overruled by your ISP. If so, try port 8888 or so.
Use the command from the previous post to find out. Here's mine, with SABnzbd on port 8080:
Code: Select all
sander@athlon64:~$ sudo netstat -ntepl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 0 5224 1432/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 0 6246 1906/cupsd
tcp6 0 0 :::22 :::* LISTEN 0 5226 1432/sshd
tcp6 0 0 ::1:631 :::* LISTEN 0 6245 1906/cupsd
tcp6 0 0 :::445 :::* LISTEN 0 6214 1826/smbd
tcp6 0 0 :::139 :::* LISTEN 0 6216 1826/smbd
tcp6 0 0 :::8080 :::* LISTEN 1000 24723 5519/python
tcp6 0 0 :::80 :::* LISTEN 0 6139 1852/thttpd
sander@athlon64:~$
Re: I Can´t manage Sabnzbd+ from my home after rebooting
Posted: January 31st, 2010, 12:02 pm
by sadnem
yes, i´ve changed the port of sabnzbd to 26789:
Code: Select all
sudo netstat -ntepl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 212.227.54.53:26789 0.0.0.0:* LISTEN 0 288091 31975/python
more entries but none of them listens to the same port...
But i had configured sabnzbd+ to listen on this port before, i mean it wasn´t listening to 8080from the begining so it´s not working, :S
Maybe fail2ban or some other service is blocking the access to sabnzbd?
Re: I Can´t manage Sabnzbd+ from my home after rebooting
Posted: January 31st, 2010, 1:47 pm
by jcfp
All this shows sab running correctly, but behind a firewall. An nmap scan from my end shows 26789/tcp as filtered. sudo iptables -L -n -v server side might help you remember, otherwise start talking to the hosting provider...
Re: I Can´t manage Sabnzbd+ from my home after rebooting
Posted: January 31st, 2010, 4:44 pm
by sadnem
Here is the start of my iptables, maybe its something related to this:
Code: Select all
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
158K 79M fail2ban-ssh tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 22
0 0 DROP tcp -- !lo * 0.0.0.0/0 127.0.0.0/8
47M 44G ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
7930 476K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 224.0.0.0/4 0.0.0.0/0
16396 922K PUB_IN all -- eth+ * 0.0.0.0/0 0.0.0.0/0
0 0 PUB_IN all -- ppp+ * 0.0.0.0/0 0.0.0.0/0
0 0 PUB_IN all -- slip+ * 0.0.0.0/0 0.0.0.0/0
0 0 PUB_IN all -- venet+ * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 5306K packets, 950M bytes)
pkts bytes target prot opt in out source destination
15M 38G PUB_OUT all -- * eth+ 0.0.0.0/0 0.0.0.0/0
0 0 PUB_OUT all -- * ppp+ 0.0.0.0/0 0.0.0.0/0
0 0 PUB_OUT all -- * slip+ 0.0.0.0/0 0.0.0.0/0
0 0 PUB_OUT all -- * venet+ 0.0.0.0/0 0.0.0.0/0
if thats the problem how could i change those drops to ACCEPT?
Re: I Can´t manage Sabnzbd+ from my home after rebooting
Posted: February 1st, 2010, 5:48 am
by jcfp
sadnem wrote:Here is the start of my iptables, maybe its something related to this:
Code: Select all
pkts bytes target prot opt in out source destination
16396 922K PUB_IN all -- eth+ * 0.0.0.0/0 0.0.0.0/0
^^^ This is where the attempts to connect to the web interface will end up. Unfortunately, the relevant part of the firewall (PUB_IN target) isn't posted, but I'd expect it to be a list of services that are accepted, followed by a catch-all DROP for anything else. If so, you should modify the firewall configuration to allow stuff on sab's port too.
Re: I Can´t manage Sabnzbd+ from my home after rebooting
Posted: February 1st, 2010, 3:19 pm
by sadnem
Hmm i didn´t know that the rest of it could be useful here it is:
Code: Select all
Chain INPUT (policy DROP)
target prot opt source destination
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
DROP tcp -- anywhere 127.0.0.0/8
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
DROP all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
Chain INT_IN (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
DROP all -- anywhere anywhere
Chain INT_OUT (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain PAROLE (11 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain PUB_IN (4 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp echo-request
PAROLE tcp -- anywhere anywhere tcp dpt:ftp
PAROLE tcp -- anywhere anywhere tcp dpt:ssh
PAROLE tcp -- anywhere anywhere tcp dpt:smtp
PAROLE tcp -- anywhere anywhere tcp dpt:domain
PAROLE tcp -- anywhere anywhere tcp dpt:www
PAROLE tcp -- anywhere anywhere tcp dpt:pop3
PAROLE tcp -- anywhere anywhere tcp dpt:imap2
PAROLE tcp -- anywhere anywhere tcp dpt:https
PAROLE tcp -- anywhere anywhere tcp dpt:mysql
PAROLE tcp -- anywhere anywhere tcp dpt:webcache
PAROLE tcp -- anywhere anywhere tcp dpt:webmin
ACCEPT udp -- anywhere anywhere udp dpt:domain
DROP icmp -- anywhere anywhere
DROP all -- anywhere anywhere
Chain PUB_OUT (4 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain fail2ban-ssh (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
If i have to modify the firewall how can i do so ? Thank you, its my first time configuring a clean server from clean installation with only ssh.
Re: I Can´t manage Sabnzbd+ from my home after rebooting
Posted: February 2nd, 2010, 3:32 am
by jcfp
sadnem wrote:
If i have to modify the firewall how can i do so ? Thank you, its my first time configuring a clean server from clean installation with only ssh.
As I expected, PUB_IN defines public services and denies anything else (note that PAROLE also means it's allowed since that chain doesn't really do anything). Can't tell you where your firewall config is, afaik Ubuntu doesn't have a firewall by default so you'll have had to activate it yourself.
sudo iptables -A PUB_IN -p tcp --dport 26789 -j ACCEPT probably works as a quick fix, but will be lost on every boot. Anyway, this is going quite far off-topic so please ask any further questions in some Ubuntu support forum rather than here.
Re: I Can´t manage Sabnzbd+ from my home after rebooting
Posted: February 2nd, 2010, 11:51 am
by sadnem
You were right i have Basille installed but not configured, now its running fine, thanks