Act as server - application rule - local adress ??


I dont understand the behavior of CPF in the case of a "act as server " popup.
The Popup is like: “App XY is trying to act as a server, LOCAL adress ( for example), port xy”

When I then click on allow and remember, the rule that comes out is for App XY, IN, port xy and DESTINATION (!) is my IP, given to me by my DSL provider, and of cos changes each time I connect to the net.
Before last update, when “act as server” pops up, IP was (destination (!)), which meant “listen”. I had a rule for, and the app can do its listening and all ok…
Now this behavior changed.

Why will be there a rule for a special DESTINATON IP, when the app has just listen FROM IP xy, and not TO xy ??

Is this a BUG or how can I understand this ?

It is NOT possible for me to create a rule that let an app listen. And some apps need that, because they do so before they use loopback connections. So they listen, but only my machine can answer.
If this is blocked, the app wont work, and I dont want to have a popup each time.
The only way would be a rule to allow all IN, but I want this and the sense of the app rule is gone then.


Are the local and destination address the same? Is it possible to post a screenshot of this?


I do not mean network mon. rules.

In app rules, there is only one ip and port that can be specified.

Like this:

appxy.exe is trying to act as a server…

Local IP: 213. 92.123.34 ( local !!! the ip I get from my DSL provider each connection new)
Port: 123 (ntp)

I then allow and check remember, and I have the alert freq. level on high, because I use special rules.
So, the rule that comes out is: appxy.exe, dir=IN, dest. IP=213. 92.123.34, port=123,

The sense behind this is: appxy.exe just want to listen on port 123 (ntp), this is, what I want to allow ! In the previous version, I had rules with ip= for this case and it worked fine.

Can this be a bug ?? (Why a dest ip for just listening)