Bug #4297
closed
Squid unable to listen on port inferior to 1024
0%
Description
Squid 3.4.10_2 pkg 0.2.6
pFsense 2.2
Impossible to listen on port <1024
The field 'reverse HTTP port' must contain a port number higher than net.inet.ip.portrange.first sysctl value(1024).
To listen on low ports, change portrange.first sysctl value to 0 on system tunable options and restart squid daemon.
The field 'reverse HTTPS port' must contain a port number higher than net.inet.ip.portrange.first sysctl value(1024).
To listen on low ports, change portrange.first sysctl value to 0 on system tunable options and restart squid daemon.
Change to sysctl net.inet.ip.portrange or sysctl net.inet.ip.portrange.first=0
has not effect.
Updated by Chris Buechler over 9 years ago
- Status changed from New to Rejected
that sysctl has no relation to what you're trying to do. net.inet.ip.portrange.reservedhigh is what you're looking for. you don't want to bind it to < 1024 generally anyway. Regardless, not a bug, please post to the forum if you need further assistance.
Updated by Stanislas Khider over 9 years ago
Chris Buechler wrote:
that sysctl has no relation to what you're trying to do. net.inet.ip.portrange.reservedhigh is what you're looking for. you don't want to bind it to < 1024 generally anyway. Regardless, not a bug, please post to the forum if you need further assistance.
There is a thread in the forum about that with Marceloc (He tolds me to warn for that bug)
Reserveehigh doesn't work either
Updated by Rody Lopez over 9 years ago
Chris,
This is a bug and you can see in the forums that other users are having the same problem.
Yes, I do need to bind to a port <1024 as is the case when using Squid as reverse proxy for Lync, the listener must be configured on port 443.
I tried using net.inet.ip.portrange.reservedhigh and as Stanislas said, it does not work.
Do you have a suggestion other than a NAT redirect in the mean time?
Thanks,
Rody.