HAProxy community

Working on localhost, not on Network


#1

I have a basic haproxy running on my machine just trying to forward any traffic to a web server running on the same machine (port 9000). This works correctly on localhost, but not for any other devices. I have tried to connect via netcat and a browser on three different networks. The connection always times out (but is not refused like it is for other ports). Nmapping the port from the machine running haproxy shows it is open, shows it is ‘filtered’ in scans from other devices.

The configuration file is a trimmed version of the one on this page. Looks like this:

defaults
   mode http
   timeout connect 10000ms
   timeout client 50000ms
   timeout server 50000ms

frontend http-in
   bind *:9050
   default_backend websockets_support

backend websockets_support
   server ws1 127.0.0.1:9000

This is a work computer (mac) with certain security configurations. I am going to try running a similar proxy on my own linux machine when I get home tonight. In the meantime, if anyone else has dealt with this problem, I would appreciate some help. I am doubtful that it is security configurations since there is not a connection refused, just a timeout.


#2

Its the security configuration, for sure. Haproxy is correctly configured to serve traffic from all sources.

The opposite is true, most iptables configurations DROP the packet instead of REJECTing the connection attempt, leading to a timeout on the client.


#3

After my testing last night on my linux machine at home, I am 99% certain you are right. This is a problem with the particular device.


#4

Just to answer the question more fully, I found that switching binding to port 2000 resolved the problem. It seems like port 9050 isn’t allowed to receive incoming connections by some rules on the machine itself somewhere. If you’re having a similar problem, try a bunch of different ports.