Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    HA proxy port 80 in use after upgrade to 23.09.1

    Scheduled Pinned Locked Moved
    HA/CARP/VIPs
    1
    2
    805
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I
      ironwood
      last edited by

      I updated my Netgate 7100 from 23.09 to 23.09.1 yesterday. After the reboot, I noticed that the haproxy service was stopped and would not restart. Checking the logs I found this error:

      haproxy: startup error output!: [NOTICE] (48071) : config : config: Can't open global server state file '/tmp/haproxy_server_state': No such file or directory[NOTICE] (48071) : haproxy version is 2.8.2-61a0f57[NOTICE] (48071) : path to executable is /usr/local/sbin/haproxy[ALERT] (48071) : Binding [/var/etc/haproxy/haproxy.cfg:53] for frontend http_to_https: cannot bind socket (Address already in use) for [0.0.0.0:80][ALERT] (48071) : [/usr/local/sbin/haproxy.main()] Some protocols failed to start their listeners! Exiting.

      I disabled the http to https redirect in the frontend and the service started on its own.

      I tried to restart the redirect and got this error, basically the same as above:

      [NOTICE] (59747) : haproxy version is 2.8.2-61a0f57
      [NOTICE] (59747) : path to executable is /usr/local/sbin/haproxy
      [ALERT] (59747) : Binding [/var/etc/haproxy/haproxy.cfg:53] for frontend http_to_https: cannot bind socket (Address already in use) for [0.0.0.0:80]
      [ALERT] (59747) : [/usr/local/sbin/haproxy.main()] Some protocols failed to start their listeners! Exiting.

      The only other frontend I have are host redirects all on port 443, no port 80 frontends. I'm not sure what the "already in use" port 80 could be. This as been configured as is for 2 years now. Anyone have any ideas?

      I 1 Reply Last reply Reply Quote 0
      • I
        ironwood @ironwood
        last edited by ironwood

        @ironwood Ok, I found the solution, or rather, ChatGPT found the solution. Under System > Advanced > Admin Access, there is a setting called WebGUI Login Redirect. This is the description:

        When this is unchecked, access to the webConfigurator is always permitted even on port 80, regardless of the listening port configured. Check this box to disable this automatically added redirect rule.

        The redirect is enabled for port 80 by default and was conflicting with the http to https redirect I had set up in HAproxy a long time ago. I check the box to disable it, saved, enabled my redirect and voila, it works!

        I'm guessing this was either a new feature in 23.09.1 or it I had it checked before and it "unchecked" itself? Would be interested in finding if that setting exists in earlier versions if anyone hasn't upgraded.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post