Skip to main content

When Codex CLI Met Port 9 (Debugging WinError 10061 in a Whisper Pipeline)

When Port 9 Ate My Transcript

When Port 9 Ate My Transcript

A small debugging story about proxies, Codex CLI, and why localhost isn’t always your friend.

CopaseticFlow field notes WinError 10061 Codex CLI + Whisper Environment gremlins

There’s a particular kind of bug that feels like someone's been messing with your network stack again.

You run a script from cmd.exe.
It works.
You run the exact same script from Codex CLI.
It stops with: 

[WinError 10061] No connection could be made because the target machine actively refused it

FFmpeg happily splits the audio.
The Whisper API call dies immediately.

No 401.
No timeout.
Just an instant refusal.

Translation: that’s not an API error. That’s a socket being rejected.

The Setup

This is part of my ToucsProjectManager toolchain — a Python script that:

  • Uses FFmpeg to split a video into MP3 segments.
  • Calls llm whisper-api to transcribe each segment.
  • Writes a clean transcript file next to the video.

From a normal Windows cmd shell it worked perfecly.

From Codex CLI? Instant failure.

So we did what engineers do: print environment variables and stare at them.

And that’s when we found the culprit: 

HTTP_PROXY=http://127.0.0.1:9
HTTPS_PROXY=http://127.0.0.1:9
ALL_PROXY=http://127.0.0.1:9
NO_PROXY=localhost,127.0.0.1,::1

Why This Was So Weird

Port 9.

If you don’t know port 9: it’s basically the networking equivalent of /dev/null.

There is no proxy there.
There will never be a proxy there.

Every outbound HTTPS request was being forced through 127.0.0.1:9, which immediately refuses connections. That’s why the failure was instantaneous.

Why It Only Happened in Codex CLI

This was the key insight:

Codex CLI was launching the script in an environment that had proxy variables set. My normal shell didn’t.

So the same script behaved differently depending on who launched it.

This is one of those subtle environment-leak issues that only shows up when you start composing tools:

  • Python script
  • Subprocess call to llm
  • OpenAI API
  • Proxy environment variables
  • Codex execution wrapper

One tiny variable upstream can poison the entire networking stack downstream.

The Fix (Now Properly Engineered)

Instead of fighting the proxy variables set by codex, the new script is resilient by design.

The key change: the transcription subprocess now builds a controlled environment before calling llm whisper-api.

Here’s the core idea: 

def build_llm_env(clear_proxy: bool) -> dict[str, str]:
    env = os.environ.copy()
    if clear_proxy:
        for key in [
            "HTTP_PROXY",
            "HTTPS_PROXY",
            "ALL_PROXY",
            "http_proxy",
            "https_proxy",
            "all_proxy",
        ]:
            env.pop(key, None)
    return env

Each transcription worker launches llm whisper-api with that explicitly constructed environment: 

env = build_llm_env(clear_proxy)

result = subprocess.run(
    cmd,
    check=True,
    capture_output=True,
    text=True,
    env=env,
)
Default behavior: proxy variables are removed automatically.
Opt-in behavior: --keep-proxy preserves the original proxy configuration.

That means:

  • It works from cmd.exe.
  • It works from Codex CLI.
  • It works inside wrappers, IDE terminals, and automation runners.
  • No manual environment adjustments required.

Bonus Stability Improvements

Since we were already inside the networking layer, we hardened the rest of the pipeline too:

  • Parallel workers (default: 4) for faster transcription.
  • Exponential backoff retries for transient API hiccups.
  • Explicit key override via --llm-key.
  • Network diagnostics mode via --diagnose-network.

The diagnostic mode performs DNS resolution, TCP connect, and TLS handshake checks against the OpenAI endpoint before doing any transcription work. If something is wrong at the socket level, you’ll know immediately. 

python transcribe_video.py --diagnose-network

So instead of mysterious WinError 10061 explosions, we now have:

  • Controlled environment
  • Deterministic networking behavior
  • Clear diagnostics
  • Optional proxy preservation
In short: the script no longer depends on how it was launched. It defines its own networking context.

Lessons Learned

  • Connection refused is usually a proxy or routing issue, not an API/key issue.
  • Localhost isn’t always your localhost when wrappers/sandboxes get involved.
  • Subprocesses inherit environment — if you don’t control it, you don’t control behavior.
  • Defensive scripting wins (sanitize network env, keep an escape hatch).

Why This Matters

This wasn’t just about Whisper.

It’s about how modern dev stacks behave when you chain LLM tools, run through wrappers, and rely on environment-driven configuration. Tiny hidden defaults can cascade into failures that look mysterious — but are actually deterministic.



Comments

Post a Comment

Please leave your comments on this topic:

Popular posts from this blog

Cool Math Tricks: Deriving the Divergence, (Del or Nabla) into New (Cylindrical) Coordinate Systems

Now available as a Kindle ebook for 99 cents ! Get a spiffy ebook, and fund more physics The following is a pretty lengthy procedure, but converting the divergence, (nabla, del) operator between coordinate systems comes up pretty often. While there are tables for converting between common coordinate systems , there seem to be fewer explanations of the procedure for deriving the conversion, so here goes! What do we actually want? To convert the Cartesian nabla to the nabla for another coordinate system, say… cylindrical coordinates. What we’ll need: 1. The Cartesian Nabla: 2. A set of equations relating the Cartesian coordinates to cylindrical coordinates: 3. A set of equations relating the Cartesian basis vectors to the basis vectors of the new coordinate system: How to do it: Use the chain rule for differentiation to convert the derivatives with respect to the Cartesian variables to derivatives with respect to the cylindrical variables. The chain ...
10 comments
Read more

The Valentine's Day Magnetic Monopole

There's an assymetry to the form of the two Maxwell's equations shown in picture 1.  While the divergence of the electric field is proportional to the electric charge density at a given point, the divergence of the magnetic field is equal to zero.  This is typically explained in the following way.  While we know that electrons, the fundamental electric charge carriers exist, evidence seems to indicate that magnetic monopoles, the particles that would carry magnetic 'charge', either don't exist, or, the energies required to create them are so high that they are exceedingly rare.  That doesn't stop us from looking for them though! Keeping with the theme of Fairbank[1] and his academic progeny over the semester break, today's post is about the discovery of a magnetic monopole candidate event by one of the Fairbank's graduate students, Blas Cabrera[2].  Cabrera was utilizing a loop type of magnetic monopole detector.  Its operation is in...
1 comment
Read more

More Cowbell! Record Production using Google Forms and Charts

First, the what : This article shows how to embed a new Google Form into any web page. To demonstrate ths, a chart and form that allow blog readers to control the recording levels of each instrument in Blue Oyster Cult's "(Don't Fear) The Reaper" is used. HTML code from the Google version of the form included on this page is shown and the parts that need to be modified are highlighted. Next, the why : Google recently released an e-mail form feature that allows users of Google Documents to create an e-mail a form that automatically places each user's input into an associated spreadsheet. As it turns out, with a little bit of work, the forms that are created by Google Docs can be embedded into any web page. Now, The Goods: Click on the instrument you want turned up, click the submit button and then refresh the page. Through the magic of Google Forms as soon as you click on submit and refresh this web page, the data chart will update immediately. Turn up the:...
Post a Comment
Read more