local API server stopped with error: listening on 127.0.0.1:8088: listen tcp 127.0.0.1:8088: bind: address already in use #114
Description
Hi,
I installed last version and I always see problems on the 8088 port on the logs:
# cscli version
version: v1.6.11-d64ee2ae
Codename: alphaga
BuildDate: 2025-08-01_15:37:42
GoVersion: 1.24.5
Platform: freebsd
libre2: C++
User-Agent: crowdsec/v1.6.11-d64ee2ae-freebsd
Constraint_parser: >= 1.0, <= 3.0
Constraint_scenario: >= 1.0, <= 3.0
Constraint_api: v1
Constraint_acquis: >= 1.0, < 2.0
Built-in optional components: cscli_setup, datasource_appsec, datasource_cloudwatch, datasource_docker, datasource_file, datasource_http, datasource_journalctl, datasource_k8s-audit, datasource_kafka, datasource_kinesis, datasource_loki, datasource_s3, datasource_syslog, datasource_victorialogs, datasource_wineventlogtime="2025-08-05T16:43:29+02:00" level=fatal msg="local API server stopped with error: listening on 127.0.0.1:8088: listen tcp 127.0.0.1:8088: bind: address already in use"
time="2025-08-05T16:43:39+02:00" level=info msg="Enabled feature flags: disable_http_retry_backoff"
time="2025-08-05T16:43:39+02:00" level=info msg="Crowdsec v1.6.11-d64ee2ae"
time="2025-08-05T16:43:39+02:00" level=info msg="Loading prometheus collectors"
time="2025-08-05T16:43:39+02:00" level=info msg="Loading CAPI manager"
time="2025-08-05T16:43:39+02:00" level=info msg="CAPI manager configured successfully"
time="2025-08-05T16:43:39+02:00" level=info msg="Machine is enrolled in the console, Loading PAPI Client"
time="2025-08-05T16:43:39+02:00" level=info msg="Start push to CrowdSec Central API (interval: 5s once, then 10s)"
time="2025-08-05T16:43:39+02:00" level=info msg="Starting PAPI decision receiver"
time="2025-08-05T16:43:39+02:00" level=info msg="Starting Polling API Pull" interval=10 source=papi
time="2025-08-05T16:43:39+02:00" level=info msg="Start sending metrics to CrowdSec Central API (interval: 26m42s once, then 30m0s)"
time="2025-08-05T16:43:39+02:00" level=info msg="Start decisions sync to CrowdSec Central API (interval: 10s)" interval=10 source=papi
time="2025-08-05T16:43:39+02:00" level=fatal msg="local API server stopped with error: listening on 127.0.0.1:8088: listen tcp 127.0.0.1:8088: bind: address already in use"
time="2025-08-05T16:43:49+02:00" level=info msg="Enabled feature flags: disable_http_retry_backoff"
time="2025-08-05T16:43:49+02:00" level=info msg="Crowdsec v1.6.11-d64ee2ae"
time="2025-08-05T16:43:49+02:00" level=info msg="Loading prometheus collectors"
time="2025-08-05T16:43:49+02:00" level=info msg="Loading CAPI manager"
time="2025-08-05T16:43:49+02:00" level=info msg="CAPI manager configured successfully"
time="2025-08-05T16:43:49+02:00" level=info msg="Machine is enrolled in the console, Loading PAPI Client"
time="2025-08-05T16:43:49+02:00" level=info msg="Start push to CrowdSec Central API (interval: 12s once, then 10s)"
time="2025-08-05T16:43:49+02:00" level=info msg="Starting PAPI decision receiver"
time="2025-08-05T16:43:49+02:00" level=info msg="Starting Polling API Pull" interval=10 source=papi
time="2025-08-05T16:43:49+02:00" level=info msg="Start sending metrics to CrowdSec Central API (interval: 15m23s once, then 30m0s)"
time="2025-08-05T16:43:49+02:00" level=info msg="Start decisions sync to CrowdSec Central API (interval: 10s)" interval=10 source=papi
time="2025-08-05T16:43:49+02:00" level=fatal msg="local API server stopped with error: listening on 127.0.0.1:8088: listen tcp 127.0.0.1:8088: bind: address already in use"And I think only crowdsec is listening to the 8088 port
# sockstat | grep 8088
root crowdsec-f 91014 5 tcp4 127.0.0.1:14896 127.0.0.1:8088
root crowdsec 69186 16 tcp4 127.0.0.1:59779 127.0.0.1:8088
root crowdsec 69186 18 tcp4 127.0.0.1:8088 127.0.0.1:14896
root crowdsec 69186 19 tcp4 127.0.0.1:8088 *:*
root crowdsec 69186 22 tcp4 127.0.0.1:8088 127.0.0.1:59779I also see that it is not properly blocking port scans, as I run # nmap -sS -sV [WAN_IP] and it finds all of my open (and NATed for port-forwarding) ports, without triggering any alert/decision.
Is there something wrong somewhere?