Bug #4297
closed
Squid unable to listen on port inferior to 1024
0%
Description
Squid 3.4.10_2 pkg 0.2.6
pFsense 2.2
Impossible to listen on port <1024
The field 'reverse HTTP port' must contain a port number higher than net.inet.ip.portrange.first sysctl value(1024).
To listen on low ports, change portrange.first sysctl value to 0 on system tunable options and restart squid daemon.
The field 'reverse HTTPS port' must contain a port number higher than net.inet.ip.portrange.first sysctl value(1024).
To listen on low ports, change portrange.first sysctl value to 0 on system tunable options and restart squid daemon.
Change to sysctl net.inet.ip.portrange or sysctl net.inet.ip.portrange.first=0
has not effect.
Updated by Chris Buechler almost 10 years ago
- Status changed from New to Rejected
that sysctl has no relation to what you're trying to do. net.inet.ip.portrange.reservedhigh is what you're looking for. you don't want to bind it to < 1024 generally anyway. Regardless, not a bug, please post to the forum if you need further assistance.
Updated by Stanislas Khider almost 10 years ago
Chris Buechler wrote:
that sysctl has no relation to what you're trying to do. net.inet.ip.portrange.reservedhigh is what you're looking for. you don't want to bind it to < 1024 generally anyway. Regardless, not a bug, please post to the forum if you need further assistance.
There is a thread in the forum about that with Marceloc (He tolds me to warn for that bug)
Reserveehigh doesn't work either
Updated by Rody Lopez almost 10 years ago
Chris,
This is a bug and you can see in the forums that other users are having the same problem.
Yes, I do need to bind to a port <1024 as is the case when using Squid as reverse proxy for Lync, the listener must be configured on port 443.
I tried using net.inet.ip.portrange.reservedhigh and as Stanislas said, it does not work.
Do you have a suggestion other than a NAT redirect in the mean time?
Thanks,
Rody.