Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [SOLVED] Problem with Squid 3 reverse proxy (port 80) on 2.2.5

    Scheduled Pinned Locked Moved Cache/Proxy
    7 Posts 2 Posters 4.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      Marlenio
      last edited by

      Hi,
      i have two pfSense 2.1.5 that act as front firewall with CARP configuration. I have several VIP bind with several service, SQUID publish some HTTP (port 80) site in revers proxy and system work without any problem.
      I tried to upgrade pfSense to 2.2.5, but i have some problems. First, i add in System -> Advandec -> System tunables "net.inet.ip.portrange.reservedhigh=0" for port lower than 1024, install SQUID 3 (o.4.2 beta), and made some test from external WAN on published HTTP site. Here is the problem: some site work, other are not reachable. It doesn't matter if site is published on real pfSense WAN IP or WAN VIP.

      In SQUID i see this error:

      11.11.2015 08:59:30 commBind: Cannot bind socket FD 36 to 213.nnn.nnn.75:80: (49) Can't assign requested address
      11.11.2015 08:59:30 commBind: Cannot bind socket FD 34 to 213.nnn.nnn.107:80: (48) Address already in use
      11.11.2015 08:59:30 commBind: Cannot bind socket FD 32 to 213.nnn.nnn.90:80: (48) Address already in use
      11.11.2015 08:59:30 commBind: Cannot bind socket FD 31 to 213.nnn.nnn.80:80: (48) Address already in use
      11.11.2015 08:59:30 commBind: Cannot bind socket FD 30 to 213.nnn.nnn.74:80: (48) Address already in use

      Can anyone help me to solve the problem?

      Marlenio

      1 Reply Last reply Reply Quote 0
      • D
        doktornotor Banned
        last edited by

        What's unclear there? Port 80 is already used (most likely by your WebGUI).

        1 Reply Last reply Reply Quote 0
        • M
          Marlenio
          last edited by

          Yes, it's clear. But why it works without any problem on 2.1.5 and some site on port 80 still works on 2.2.5?

          Marlenio

          1 Reply Last reply Reply Quote 0
          • D
            doktornotor Banned
            last edited by

            Look, run sockstat -4, find what's running there and move it elsewhere. Cannot have multiple things listening on the same port.

            1 Reply Last reply Reply Quote 0
            • M
              Marlenio
              last edited by

              OK, i'll try. But why the same config works on 2.1.5?

              Marlenio

              1 Reply Last reply Reply Quote 0
              • M
                Marlenio
                last edited by

                In other words, i need to have service HTTP (port 80) bind not with only one IP, but with many VIP, like i can do with pfSense 2.1.5.

                Marlenio

                1 Reply Last reply Reply Quote 0
                • M
                  Marlenio
                  last edited by

                  I have solved in this way: edit /etc/sysctl.conf and add this line:

                  net.inet.ip.portrange.reservedlow=0
                  net.inet.ip.portrange.reservedhigh=20

                  Marlenio

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.