I’m having a difficult time understanding why I’m unable to limit the IP
address to which nginx binds.
nginx 1.2.6-1
Linux 3.2.0-4-amd64 #1 SMP Debian 3.2.35-2 x86_64 GNU/Linux
================
root@skokomish:/etc/nginx# netstat -pant |grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0:*
LISTEN
7768/nginx
tcp 0 0 66.113.100.140:81 0.0.0.0:*
LISTEN
7768/nginx
shows that it is binding on port 80 of all IP addresses.
Yet each of my hosts is explicitly listening on a single IP address:
root@skokomish:/etc/nginx/sites-available# more default
{ listen 127.0.0.1:80; }
root@skokomish:/etc/nginx/sites-available# more example
server
{
server_name example.com www.example.com;
listen 66.113.100.140:80;
access_log /var/log/ngnix/example.log;
error_log /var/log/nginx/example.error.log;
location /site {
alias /data/www/content/site/example;
}
location / {
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_connect_timeout 10;
proxy_read_timeout 10;
proxy_pass http://10.15.20.10:8107/;
}
}
==========================
There is no ‘listen’ statement in nginx.conf itself:
root@skokomish:/etc/nginx# grep listen nginx.conf
listen localhost:110;
listen localhost:143;
==========================
Grepping for ‘listen’ shows:
root@skokomish:/etc/nginx# for i in find .
; do grep listen $i;
done|sort|uniq
grep: .: Is a directory
grep: ./sites-enabled: Is a directory
grep: ./conf.d: Is a directory
grep: ./sites-available: Is a directory
{ listen 127.0.0.1:80; }
listen 66.113.100.140:80;
listen 66.113.100.140:81;
listen localhost:110;
listen localhost:143;
root@skokomish:/etc/nginx# ls conf.d
root@skokomish:/etc/nginx#
==================================
Thanks in advance.
-Steve W.
Posted at Nginx Forum:
Can you please try the official nginx.org binary [1] for debian or even
better compile it from source? Debian patches its packets heavily and
you are even running the packet from debian unstable.
You may report your issue to debian, if it works with nginx.org build.
[1] nginx: download
Thanks for the advice.
As per your suggestion, I’ve installed the 1.2.6-1 squeeze package from
nginx.org and the problem persists.
I will follow up with the results of a source build.
-s
=======================================================================================
wget
http://nginx.org/packages/debian/pool/nginx/n/nginx/nginx_1.2.6-1~squeeze_amd64.deb
–2013-01-22 18:38:49–
http://nginx.org/packages/debian/pool/nginx/n/nginx/nginx_1.2.6-1~squeeze_amd64.deb
Resolving nginx.org (nginx.org)… 206.251.255.63
Connecting to nginx.org (nginx.org)|206.251.255.63|:80… connected.
HTTP request sent, awaiting response… 200 OK
Length: 485238 (474K) [application/octet-stream]
Saving to: ���nginx_1.2.6-1~squeeze_amd64.deb���
100%[========================================================================================================>]
485,238 614KB/s in 0.8s
2013-01-22 18:38:50 (614 KB/s) - ���nginx_1.2.6-1~squeeze_amd64.deb���
saved
[485238/485238]
root@skokomish:/tmp# !dpkg
dpkg -i ls *deb
(Reading database … 136211 files and directories currently installed.)
Preparing to replace nginx 1.2.6-1~squeeze (using
nginx_1.2.6-1~squeeze_amd64.deb) …
Unpacking replacement nginx …
Setting up nginx (1.2.6-1~squeeze) …
root@skokomish:/tmp# /etc/init.d/nginx start
root@skokomish:/tmp# !netstat
netstat -pant |grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0:*
LISTEN
15578/nginx.conf
tcp 0 0 66.113.100.140:81 0.0.0.0:*
LISTEN
15578/nginx.conf
root@skokomish:/tmp#
Posted at Nginx Forum:
On Tue, 2013-01-22 at 21:59 -0500, middleforkgis wrote:
16609/nginx.conf
-S
have a looksee what’s under /etc/nginx/conf.d… there’s often config
for the default ‘it works’ splash screen in there.
Steve
http://nginx.org/download/nginx-1.2.6.tar.gz
./configure
./make
./make install
/usr/local/sbin/nginx -c /etc/nginx/nginx.conf
netstat -pant |grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0:*
LISTEN
16609/nginx.conf
tcp 0 0 66.113.100.140:81 0.0.0.0:*
LISTEN
16609/nginx.conf
Problem persists, the problem does not appear to be with the Debian
package but in my config.
I’ll try a plain vanilla off-the-shelf nginx.conf next.
-S
Posted at Nginx Forum:
That’s really good advice - in general - if not in this case.
Via the standard Debian install, conf.d is empty:
#ls -l /etc/nginx/conf.d
total 0
===
Conversely, downloading the squeeze package from nginx does indeed
create a
file
/etc/nginx/conf.d/default.conf which includes the following:
server {
listen 80;
server_name localhost;
which could have been the culprit - but wasn’t in my original case (my
first
post does show an empty conf.d, and I’ve verified that on a separate
machine).
But again, that’s important advice you gave.
Since, in my debugging, along the way I did remove the package from the
debian repository and install the package from nginx.org, and so the
/etc/nginx/conf.d/default.conf was on my system during the subsequent
tests
I documented above.
So, I now need to repeat the entire process and report back on it.
-S
Posted at Nginx Forum:
SOLVED
Thank you Igor, you solved the issue for me.
I had one non-standard entry in my sites-available:
This is how I found it:
#for i in ls
; do echo $i; grep listen $i; done
site1
listen 66.113.100.140:80;
site2
listen 66.113.100.140:80;
site3
listen 66.113.100.140:80;
site4
listen 66.113.100.140:80;
site5
listen 66.113.100.140:80;
site6
listen 66.113.100.140:80;
site7
site8
listen 66.113.100.140:80;
site9
listen 66.113.100.140:80;
site10
listen 66.113.100.140:80;
everybody has a ‘listen’ directive except the entry for ‘site7’
#netstat -pant |grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0:*
LISTEN
19915/nginx
tcp 0 0 66.113.100.140:81 0.0.0.0:*
LISTEN
19915/nginx
#rm site7
#/etc/init.d/nginx restart
netstat -pant |grep nginx
tcp 0 0 66.113.100.140:80 0.0.0.0:*
LISTEN
21884/nginx
tcp 0 0 66.113.100.140:81 0.0.0.0:*
LISTEN
21884/nginx
SOLVED!
Thank you for your help!
Posted at Nginx Forum:
On Jan 23, 2013, at 2:15 , middleforkgis wrote:
7768/nginx
root@skokomish:/etc/nginx/sites-available# more example
location / {
done|sort|uniq
root@skokomish:/etc/nginx#
==================================
Thanks in advance.
If there is server block without a listen directive,
then nginx will listen on *:80.
–
Igor S.