pfsense webconfigurator is binding WAN IP port 80 and stopping haproxy

Laxarus

Hi,
I have noticed that pfsense webconfigurator is binding port 80 even though it is set to https with port 14364.
I have noticed this recently when I was checking the connection issue to my internal LAN sites and I saw that HAproxy crashed since it could not bind to port 80.
This was working perfectly before and the only thing that have changed is that the due to my ISP working on maintenance my WAN connection was down, status pending as shown below.

HAproxy is set to WAN IP port 80

but I could not enable this since webui is binding port 80

Webconfigurator

To further test this, I have switched to webconfigurator http with port 14363 and haproxy started binding port 80.
After switching back to https, webconfigurator crashed since this time haproxy was binding port 80.

So, question is why is pfsense is trying to bind port 80 even though it is set to a different port?
Why is haproxy WAN address port 80 is clashing with this?
Can anyone try to replicate this?
I see these entries for port 80 on diagnostics/sockets

Or the issue is with HAproxy considering the error I am getting

[ALERT] (38957) : Binding [/var/etc/haproxy/haproxy.cfg:34] for frontend External: cannot bind socket (Address already in use) for [0.0.0.0:80]

Why is it trying to bind 0.0.0.0 instead of the WAN IP? Well, it is true that there is no WAN IP since WAN is in "pending" state, however, it still should not do that right?

Gertjan

@Laxarus

Try this :
Switch to http mode, and chose some other, not 80, port, and save.
Then switch back to https mode, and make sure its '14364', and save.

Laxarus

Hey @Gertjan, I have already tried that. I have switched to webconfigurator http with port 14363 and haproxy started binding port 80 successfully. However, when I switched back to https with port 14364, the port 80 was not available again for haproxy.

Gertjan

@Laxarus

Hummm...
Switching to 'http' mode port 90 works :

[24.03-RELEASE][root@pfSense.bhf.tld]/root: sockstat -4 | grep 'nginx'
root     nginx       7804 5   tcp4   *:90                  *:*
root     nginx       7478 5   tcp4   *:90                  *:*
root     nginx       7362 5   tcp4   *:90                  *:*

But when I activated https mode, port 443, my port '80' http gets resored ...
Plan B check :

Laxarus

@Gertjan hmm, yeah disabling that it stopped binding and it makes sense that to redirect it should also bind port 80.
However, that option is actually very useful. Then the problem is with HAProxy. It is trying to bind to every interface with "0.0.0.0" when WAN IP is not present. This should be the problem. Can someone try to replicate that?