The default 1883 listener is always active (2.0.14)

[t33x]

with this mosquitto.conf (2.0.14)

listener 8001 1.2.3.4
socket_domain ipv4
protocol mqtt

listener 8002 1.2.3.4
socket_domain ipv4
protocol websockets

I expect only two running listeners, but the 1883 listener is also active:

tcp   0 0.0.0.0:1883   0.0.0.0:*   LISTEN   17293/mosquitto     
tcp   1.2.3.4:8001     0.0.0.0:*   LISTEN   17293/mosquitto     
tcp   1.2.3.4:8002     0.0.0.0:*   LISTEN   17293/mosquitto     
tcp6  :::1883          :::*        LISTEN   17293/mosquitto

I cannot find any information in the documentation to prove that this is the expected behaviour.

How can I disable the default listener (1883)?

[Daedaluz]

The default listener only listen to the local address if present and should be disabled when a listener is specified.
mosquitto.conf documentation says

listener port [bind address/host/unix socket path]
Listen for incoming network connection on the specified port. A second optional argument allows the listener to be bound to a specific ip address/hostname. If this variable is used and neither the global bind_address nor port options are used then the default listener will not be started.

using your config file results in only 2 ports on my system.
$ mosquitto -c strange.conf

1648540343: mosquitto version 2.0.14 starting
1648540343: Config loaded from mqtt.conf.
1648540343: Opening ipv4 listen socket on port 8001.
1648540343: Opening websockets listen socket on port 8002.
1648540343: mosquitto version 2.0.14 running

$ ss -antp | grep mosquitto

LISTEN    0      100      1.2.3.4:8001         0.0.0.0:*     users:(("mosquitto",pid=25820,fd=4))
LISTEN    0      4096     1.2.3.4:8002         0.0.0.0:*     users:(("mosquitto",pid=25820,fd=8))

what does your log file look like?

[t33x]

The log:

Mar 29 10:15:50 mosquitto: 2022-03-29T10:15:50: mosquitto version 2.0.14 starting
Mar 29 10:15:50 mosquitto: 2022-03-29T10:15:50: Config loaded from /etc/mosquitto/mosquitto.conf.
Mar 29 10:15:50 mosquitto: 2022-03-29T10:15:50: Opening ipv4 listen socket on port 8001.
Mar 29 10:15:50 mosquitto: 2022-03-29T10:15:50: Opening websockets listen socket on port 8002.
Mar 29 10:15:50 mosquitto: 2022-03-29T10:15:50: Opening ipv4 listen socket on port 1883.
Mar 29 10:15:50 mosquitto: 2022-03-29T10:15:50: Opening ipv6 listen socket on port 1883.
Mar 29 10:15:50 mosquitto: 2022-03-29T10:15:50: mosquitto version 2.0.14 running
Mar 29 10:15:50 systemd: Started Mosquitto MQTT Broker.

My full mosquitto.conf file:

per_listener_settings false
allow_zero_length_clientid false
max_inflight_messages 1
max_queued_messages 1000
max_packet_size 135168
max_qos 2
memory_limit 67108864
persistent_client_expiration 14d
max_keepalive 300

autosave_interval 600
persistence true
persistence_file mosquitto.db
persistence_location /var/lib/mosquitto/

log_type all
log_timestamp_format %Y-%m-%dT%H:%M:%S
connection_messages true
websockets_log_level 0

cafile /etc/mosquitto/...
certfile /etc/mosquitto/...
keyfile /etc/mosquitto/...
dhparamfile /etc/mosquitto/...

require_certificate true
use_identity_as_username true

listener 8001 1.2.3.4
socket_domain ipv4
max_connections 100
protocol mqtt

listener 8002 1.2.3.4
socket_domain ipv4
max_connections 100
protocol websockets

Maybe I should put the listener definitions on top of the config file?

[Daedaluz]

I'm more thinking if you can try throw your cert-configs under a listener block.

[t33x]

yeah, that did the trick... now I only have two listeners. Thank you!

per_listener_settings false
allow_zero_length_clientid false
max_inflight_messages 1
max_queued_messages 1000
max_packet_size 135168
max_qos 2
memory_limit 67108864
persistent_client_expiration 14d
max_keepalive 300

autosave_interval 600
persistence true
persistence_file mosquitto.db
persistence_location /var/lib/mosquitto/

log_type all
log_timestamp_format %Y-%m-%dT%H:%M:%S
connection_messages true
websockets_log_level 0

listener 8001 1.2.3.4
socket_domain ipv4
max_connections 100
protocol mqtt

listener 8002 1.2.3.4
socket_domain ipv4
max_connections 100
protocol websockets

cafile /etc/mosquitto/...
certfile /etc/mosquitto/...
keyfile /etc/mosquitto/...
dhparamfile /etc/mosquitto/...

require_certificate true
use_identity_as_username true

[D-r-P-3-p-p-3-r]

Something similar happens when you have per_listener_settings active (true) and have one of the listener config entries before your first listener.
This happened to me with allow_zero_length_client_id as I switched per_listener_settings to true and overlooked this entry.
It took me a whole while to figure out why a listener on port 1883 was starting.
I only noticed it, because I had configured a listener for that port, too, and Mosquitto was not starting anymore. Else I might have ended up with an accidentally opened port.

We're currently using Mosquitto 2.0.12.

[zhyang-liu]

in my case, the 'include_dir' triggered the default listener.
in that directory, the first file (starting with 00-) defined a new listener, and that still made the default listener ran.

it looks like that this behavior was not mentioned in the per_listener_settings section in the document of mosquitto.conf