[SOLVED] New zone port binding fail



  • Hi all,

    I currently have 3 active zones working perfectly. I can see the portal ports in rule.debug like this:

    pass in  quick on { igb5_vlan1001 } proto tcp from any to { 10.1.0.1 10.1.0.3 } port { 8005 8004 } tracker 1000000551 keep state(sloppy)
    pass in  quick on { igb5 } proto tcp from any to { 10.0.0.1 10.0.0.3 } port { 8003 8002 } tracker 1000000553 keep state(sloppy)
    pass in  quick on { igb5_vlan1006 } proto tcp from any to { 10.6.0.1 10.6.0.3 } port { 8007 8006 } tracker 1000000555 keep state(sloppy)

    But when I try to activate the fourth zone, nginx fails to bind the port. In fact, it tries to bind the new zone on the same port as one of the three others. I get this on my shell:

    Message from syslogd@fw1 at Nov  6 21:23:54 …
    fw1 nginx: 2017/11/06 21:23:54 [emerg] 14696#100412: bind() to [::]:8004 failed (48: Address already in use)

    Port 8004 is already in use on igb5_vlan1001, my first zone.

    Does anybody know what happens on my firewall?



  • After the fourth zone is activated, and after the syslogd messages, I get this in rule.debug:

    pass in  quick on { igb5_vlan1001 } proto tcp from any to { 10.1.0.1 10.1.0.3 } port { 8005 8004 } tracker 1000000551 keep state(sloppy)
    pass in  quick on { igb5_vlan1002 } proto tcp from any to { 10.2.0.1 10.2.0.3 } port { 8005 8004 } tracker 1000000553 keep state(sloppy)
    pass in  quick on { igb5 } proto tcp from any to { 10.0.0.1 10.0.0.3 } port { 8003 8002 } tracker 1000000555 keep state(sloppy)
    pass in  quick on { igb5_vlan1006 } proto tcp from any to { 10.6.0.1 10.6.0.3 } port { 8007 8006 } tracker 1000000557 keep state(sloppy)

    So, I have two zones listening on the same ports, but on different interfaces.



  • Oops, I'm using 2.3.4-p1 :)



  • I'm done with this. I don't know why, but both zones on the same port had the same ID in config.xml. I tried to edit it manually. That didn't work. I had to delete all zones and create them again. Now the IDs are OK.

    Bye :)
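
The symptom in this thread, two portal rules claiming the same ports on different interfaces, can be found by parsing rule.debug. The following is an added example, not code from the posters or from pfSense; the function names are hypothetical, the sample text is the four rules quoted in the second post, and only rules of that exact shape are matched.

```python
import re
import sys
from collections import defaultdict

# Constructed sample: the four portal rules quoted in the second post.
SAMPLE = """\
pass in  quick on { igb5_vlan1001 } proto tcp from any to { 10.1.0.1 10.1.0.3 } port { 8005 8004 } tracker 1000000551 keep state(sloppy)
pass in  quick on { igb5_vlan1002 } proto tcp from any to { 10.2.0.1 10.2.0.3 } port { 8005 8004 } tracker 1000000553 keep state(sloppy)
pass in  quick on { igb5 } proto tcp from any to { 10.0.0.1 10.0.0.3 } port { 8003 8002 } tracker 1000000555 keep state(sloppy)
pass in  quick on { igb5_vlan1006 } proto tcp from any to { 10.6.0.1 10.6.0.3 } port { 8007 8006 } tracker 1000000557 keep state(sloppy)
"""

# Matches only the rule shape shown in the thread (assumption: one rule per zone).
RULE = re.compile(
    r"^pass in\s+quick on \{\s*(?P<ifaces>[^}]*)\}\s+proto tcp from any to "
    r"\{\s*(?P<addrs>[^}]*)\}\s+port \{\s*(?P<ports>[^}]*)\}"
)


def parse_rules(text):
    """Yield (interface list, port list) for each matching rule line."""
    for line in text.splitlines():
        m = RULE.match(line.strip())
        if m:
            yield m["ifaces"].split(), [int(p) for p in m["ports"].split()]


def port_collisions(text):
    """Return {port: [interfaces of each rule]} for ports used by 2+ rules."""
    owners = defaultdict(list)
    for ifaces, ports in parse_rules(text):
        for port in ports:
            owners[port].append(" ".join(ifaces))
    return {p: r for p, r in sorted(owners.items()) if len(r) > 1}


if __name__ == "__main__":
    # Pass a copy of rule.debug as the first argument, or run on the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            text = fh.read()
    else:
        text = SAMPLE
    for port, rules in port_collisions(text).items():
        print(f"port {port} appears in rules on: {', '.join(rules)}")
```
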

