Hi,
I don’t know if this is a bug or what?
I have been using Proxomitron for years, as a web content filter and popup blocker,
but when I use it with CPF, there is some sort of problem.
CPF says Proxomitron is sending TCP packets over its listening ports,
in the port range of 1000-2000. I’m sure Proxomitron communicates to the browser over
these ports, but I can not be certain that they are actually TCP packets being transmitted.
Well, it could still probably do that, I guess… but this is not detected in other firewalls.
What I do know is that Proxomitron inserts a form of javascript into webpages, before you
view them in your browser, so it can do whatever it does by doing this.
Anyhow, it’s more than a minor problem, because in order to view any webpage, I have to allow
for a new port for Proxomitron, for each and every image or object on the site.
I don’t want to have to just allow port for it, as that will lessen my security.
What are your thoughts on this? Is there an advanced option I could turn off so I won’t be bothered
by these ports? Beta CPF testers may want to download Proxomitron to see what I am talking about.
Thanks
EDIT: Will allowing invisible connection attempts only work as port? I prefer to have it only set up to use port 80 and 8080 TCP out.
Only a guess, but under SECURITY - ADVANCED - MISCELLANEOUS, there’s an option “Skip loopback (127.X.X.X) TCP connections” and another similar one for UDP connections. Try turning both of these off and rebooting. It’s possible (in fact probable, the more I think about it) that Proxomitron is using the local loopback to read and insert its code and do its voodoo, before passing it to the browser.
If this works, can you please report back here for the benefit of others.
Hi Panic, thanks for your reply, and the problem is already solved (I think).
Yep, you are right, they are all localhost TCP traffic, and turning on ignore loopback
TCP was a quick fix to it.
I had to resort to installing my other firewall for a few minutes to get to the bottom
of this. I found out the hard way that…
[127.0.0.1:1432] to [64.210.xx.xx:80] TCP OUT…
[127.0.0.1:1433] to [64.210.xx.xx:80] TCP OUT…
[127.0.0.1:1434] to [64.210.xx.xx:80] TCP OUT…
is interpreted differently between CPF and some other firewalls to the extent
where CPF prompts me for the local ports instead of the true destination port 80.
It is harmless TCP traffic obviously, in random local ports, but connecting out
to port 80. I was thinking since I already allowed port 80 out, it shouldn’t
be asking me to allow it for anything else.
Never-Ending AppMonitor Rules: (these rules are from 1 site with 6 GIFs) Edit: No Offence to Comodo, they were never-ending because of negligence on my part.
Proxomitron.exe | Destination (any) | Ports 80,8080,443 | TCP Out | Allow
Proxomitron.exe | Destination (mydnsip) | Ports 53 | UDP Out | Allow
Proxomitron.exe | Destination 127.0.0.1 | Port (1432) | TCP Out | Allow
Proxomitron.exe | Destination 127.0.0.1 | Port (1433) | TCP Out | Allow
Proxomitron.exe | Destination 127.0.0.1 | Port (1444) | TCP Out | Allow
Proxomitron.exe | Destination 127.0.0.1 | Port (1445) | TCP Out | Allow
Proxomitron.exe | Destination 127.0.0.1 | Port (1446) | TCP Out | Allow
Proxomitron.exe | Destination 127.0.0.1 | Port (1447) | TCP Out | Allow
Edit: Since I already allowed these connections through port 80 …
I suppose I could create the rules as follows:
Proxomitron.exe | Destination (any) | Ports 80,8080,443 | TCP Out | Allow
Proxomitron.exe | Destination (mydnsip) | Ports 53 | UDP Out | Allow
Proxomitron.exe | Destination 127.0.0.1 | Port (ANY) | TCP Out | Allow
Edit: I applied the above rules and everything is perfect now.
I am sure now you can see where I got confused.
(I’m embarrassed now)
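Added example, not part of any post in this thread and not Comodo's code: a simplified model of per-application rule matching that shows why one rule per loopback port never converges, while the consolidated rule set stops the prompts without opening extra ports to remote hosts. It assumes a rule matches on application, protocol, destination address and destination port; the traffic list is constructed, and 203.0.113.10 is a documentation address standing in for the remote web server.

```python
def parse_rule(line):
    """Parse 'App | Destination X | Port(s) Y | TCP Out | Allow' as written in the thread."""
    app, dest, ports, proto_dir, action = [f.strip() for f in line.split("|")]
    dest = dest.split(None, 1)[1].strip("()")
    ports = ports.split(None, 1)[1].strip("()")
    return {
        "app": app.lower(),
        "dest": None if dest.lower() == "any" else dest,  # None means any address
        "ports": None if ports.lower() == "any" else {int(p) for p in ports.split(",")},
        "proto": proto_dir.split()[0].upper(),
        "action": action.lower(),
    }

def matches(rule, app, proto, dest_ip, dest_port):
    # Assumed matching model: every field of the rule must agree with the connection.
    return (rule["app"] == app.lower() and rule["proto"] == proto
            and rule["dest"] in (None, dest_ip)
            and (rule["ports"] is None or dest_port in rule["ports"]))

def unmatched(rule_lines, connections):
    """Return the connections no Allow rule covers, i.e. the ones that would prompt."""
    rules = [parse_rule(line) for line in rule_lines]
    return [c for c in connections
            if not any(r["action"] == "allow" and matches(r, *c) for r in rules)]

WEB = "Proxomitron.exe | Destination (any) | Ports 80,8080,443 | TCP Out | Allow"
PER_PORT = [WEB] + [
    f"Proxomitron.exe | Destination 127.0.0.1 | Port ({p}) | TCP Out | Allow"
    for p in (1432, 1433, 1444, 1445, 1446, 1447)]
CONSOLIDATED = [WEB, "Proxomitron.exe | Destination 127.0.0.1 | Port (ANY) | TCP Out | Allow"]

# Constructed traffic: (application, protocol, destination address, destination port)
TRAFFIC = [
    ("Proxomitron.exe", "TCP", "127.0.0.1", 1432),    # loopback port already allowed
    ("Proxomitron.exe", "TCP", "127.0.0.1", 1448),    # next page load, new loopback port
    ("Proxomitron.exe", "TCP", "127.0.0.1", 1449),
    ("Proxomitron.exe", "TCP", "203.0.113.10", 80),   # ordinary web request
    ("Proxomitron.exe", "TCP", "203.0.113.10", 25),   # remote port outside the web rule
]

if __name__ == "__main__":
    print("per-port rules still prompt for:", unmatched(PER_PORT, TRAFFIC))
    print("consolidated rules still prompt for:", unmatched(CONSOLIDATED, TRAFFIC))
```

Under the consolidated rules only the connection to remote port 25 is left unmatched, so the loopback rule removes the repeated prompts while remote destinations stay limited to ports 80, 8080 and 443.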