[#1421] Add support for TCP toggle listening in server-stream configuration (now UDP doesn't replace TCP when activated)

2026-05-24 09:28:37 +00:00 · 2024-12-31 18:43:37 +00:00 · 2024-12-31 18:43:37 +00:00 · 1dc8b6de31
commit 1dc8b6de31
parent 5e5130c398
3 changed files with 23 additions and 3 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -14,6 +14,7 @@
 - [FEATURE] Refactored the way the database migrations are handled to make it more reliable and faster using alembic
 - [FEATURE] Add configurable limit for SecRequestBodyNoFilesLimit in ModSecurity via the `MODSECURITY_REQ_BODY_NO_FILES_LIMIT` setting
 - [FEATURE] Add multi-user support in `Auth basic` plugin
+- [FEATURE] Add support for TCP toggle listening in server-stream configuration (now UDP doesn't replace TCP when activated)
 - [DEPRECATION] Remove `X-XSS-Protection` header from the `header` plugin as it is deprecated
 - [DEPS] Updated coreruleset-v4 version to v4.10.0

--- a/src/common/confs/server-stream/server-stream.conf
+++ b/src/common/confs/server-stream/server-stream.conf
@ -4,10 +4,20 @@ server {

 	# listen
 {% if LISTEN_STREAM == "yes" +%}
-	listen 0.0.0.0:{{ LISTEN_STREAM_PORT }}{% if USE_UDP == "yes" %} udp {% endif %}{% if USE_PROXY_PROTOCOL == "yes" %} proxy_protocol {% endif %};
+	{% if USE_TCP == "yes" %}
+	listen 0.0.0.0:{{ LISTEN_STREAM_PORT }} reuseport{% if USE_PROXY_PROTOCOL == "yes" %} proxy_protocol {% endif %};
+	{% endif %}
+	{% if USE_UDP == "yes" %}
+	listen 0.0.0.0:{{ LISTEN_STREAM_PORT }} udp reuseport{% if USE_PROXY_PROTOCOL == "yes" %} proxy_protocol {% endif %};
+	{% endif %}
 {% endif %}
 {% if USE_IPV6 == "yes" +%}
-	listen [::]:{{ LISTEN_STREAM_PORT }}{% if USE_UDP == "yes" %} udp {% endif %}{% if USE_PROXY_PROTOCOL == "yes" %} proxy_protocol {% endif %};
+	{% if USE_TCP == "yes" %}
+	listen [::]:{{ LISTEN_STREAM_PORT }} reuseport{% if USE_PROXY_PROTOCOL == "yes" %} proxy_protocol {% endif %};
+	{% endif %}
+	{% if USE_UDP == "yes" %}
+	listen [::]:{{ LISTEN_STREAM_PORT }} udp reuseport{% if USE_PROXY_PROTOCOL == "yes" %} proxy_protocol {% endif %};
+	{% endif %}
 {% endif %}

 	# custom config
--- a/src/common/settings.json
+++ b/src/common/settings.json
@ -280,10 +280,19 @@
    "regex": "^[0-9]+$",
    "type": "text"
  },
+  "USE_TCP": {
+    "context": "multisite",
+    "default": "yes",
+    "help": "TCP listen (stream).",
+    "id": "use-tcp",
+    "label": "Listen TCP",
+    "regex": "^(yes|no)$",
+    "type": "check"
+  },
  "USE_UDP": {
    "context": "multisite",
    "default": "no",
-    "help": "UDP listen instead of TCP (stream).",
+    "help": "UDP listen (stream).",
    "id": "use-udp",
    "label": "Listen UDP",
    "regex": "^(yes|no)$",