CFP blocking localhost connections

KongKing · February 22, 2011, 6:51pm

hello,

When i tried to run the web application in Visual Studio, VS can’t connect to it’s server(localhost:4929) and gives an error message “Unable to connect to the ASP.NET Development Server”.

Also, when i use VLC to connect a tv program(localhost:2345), VLC gives an error
“Your input can’t be opened:
VLC is unable to open the MRL ‘http://127.0.0.1:2345’. Check the log for details.”

Setting CFP Firewall Security Level to Disabled, everything works great.

Googled a bit and find that there is an option “Skip Loopback zone UDP/TCP CHECK” in version 2, but I can’t find it in CFP 5.3.

I tried to add some rules in Global Rules to allows connection from/to 0.0.0.0 and 127.0.0.1, but still not works.
No alerts from CFP, even I ticked “Enable alerts for loopback requests” in Firewall Behavior Settings.

Anyway to solve this?

THX!

Valentinchen · February 22, 2011, 6:55pm

Hey and warm welcome to comodo forums KongKing!

Could you provide us with screenshots of you firewall events?

You can also try to add the service file and VLC exe file in application rules (CIS → firewall → Network Security Policy)

Regards,
Valentin N

KongKing · February 23, 2011, 8:19am

Thank you!

Firewall Events didn’t show any event when blocking the connections.

I tried to create a rule to block and log all the connections, Firewall Events did show some connection it blocked, but nothing related to localhost/127.0.0.1/loopback zone.

I set it as a trusted program, nothing happened.

I find that if i add any rule in Network Security Policy → Blocked Zones, let’s say I add host name “hk.yahoo.com” to block it, then i not only can’t connect to hk.yahoo.com, but also can’t connect to localhost/127.0.0.1/loopback zone. Even I add a rule to exclude them, CFP still block them if Blocked Zones contains any rule.

Is it a design of CFP?

Radaghast · February 23, 2011, 8:52am

Would you mind posting a screen-shot of your Application rules, please.

KongKing · February 23, 2011, 2:51pm

here

[attachment deleted by admin]

Valentinchen · February 23, 2011, 2:54pm

try yo uncheck the last option in Alert Settings.

Regards,
Valentin N

KongKing · February 23, 2011, 3:22pm

Any rule in “Blocked Zones” + untick “Enable alerts for loopback requests” = able to access localhost, but unable to access LAN resources(e.g. Share folder, remote desktop)

Thx for the tips.
Actually, my “problem” is no longer exist, as leaving “Blocked Zones” empty can make everything right.

Valentinchen · February 23, 2011, 3:40pm

unable to access LAN resources(e.g. Share folder, remote desktop)

go to CIS → firewall → Stealth Wizard Guide → Define a new trusted… now add the wanted ip

Regards,
Valentin N

abilene · April 21, 2011, 11:36pm

go to CIS → firewall → Stealth Wizard Guide → Define a new trusted… now add the wanted ip

Thank you, thank you for posting this! 8)

Ab