Did something stupid that interrupting Ethernet access for "some ports"

Question

I have just installed Ubuntu Server 20.04 on my server, but I executed an automated script without carefully watching, and it resulted in a really weird scenario.

I also have multiple webservers enabled on that server, but on alternative ports. Before I executed it, I can access them easily by typing server's Ethernet address and it's port. But after it, I just don't know why it wouldn't work. Here is some info I can provide:

1. Ports, such as 22(SSHD), 25(Postfix), 80 and 443(Apache) all worked very well. My Nginx server listening on all other ports, for example, if I get it to listen on port 30000, I will be able to see the port occupied by Nginx via:

   lsof -i:40000

But for some reason, while listening all the other ports is not accessible, if I stop apache and make nginx listen on 80 and 443, it would work. Though, no luck if I make Nginx to listen on 81 and 444.

2. It is not a router issue. Though, telnet Nginx address:port have no response.

3. Accessing from Ethernet is not working, but if I do that on localhost, like if I log into my server via ssh and "telnet localhost 40000", I can get Nginx's response.

4. All the problems was probably due to a careless iRedmail install. I am still digging it's installation script.

Please let me know if you have any idea, really don't want to reinstall a whole server just for this...Thanks in advance!

Answer 1

This problem is caused by the nftable rules provided in iRedmail installation script. In the end of installation, the script would ask you if you would like to apply rules provided by iRedmail. If you accepted, the original nftables.conf would be backuped and replaced. The backup file is at /etc/nftables.conf-[date].

Remove the nftables provided by iRedmail, and restore the backup. It will be working again.