lighttpd and comodo firewall

First of all, let me congratulate the devs for a fantastic firewall. It’s even nice to look at besides being easy but still giving you the control you need. Up till now I used Outpost firewall (free) but it has some issues with many simultaneous connections. However. Here it comes.

It simply doesn’t work with the webserver lighttpd (lighttpd.net). Some googling and investigations made me realize that I am not alone. Before anyone suggests that I open up my router on port 80 and such, I want to tell you that I’m no newbie at these things. I am very well aware of what I have to do to get a firewall and a webserver to work.

I have at this point tried everything I can but regardless of how much I allow the webserver to access the net and be accessed it just doesn’t answer on calls. The only way is to turn off comodo firewall or put the security level slider from “Custom” to “Allow All”.
I’ve tried to manually allow the lighttpd.exe to do anything. I’ve tried to allow it to do what it wants with the learning tool (popups).

I am running the webserver locally by the way. So. Anyone else willing to confirm this?
Windows XP + lighttpd + comodo firewall.

Take care and thanks in advance.

Welcome to the forum.
If you try to turn network monitor off instead of “allow all”, does it work?
What does the log say? Any blocks in there?
Have you tried to turn off things in security/advanced?
Just to be sure, restart the firewall after you have made changes.

Turning off Application Monitor - success.
Turning off Network Monitor - no effect.
Turning off Component Monitor - no effect.
Turning off Application Behaviour Monitor - no effect.
Setting Computer Security Level to Allow All - success.
Closing the firewall - success (obviously)
Tried manually adding a new trusted application - no effect.
Tried manually to add all exe files in the httpd package as trusted apps - no effect.

(Restarted the firewall between all tests and a few more times)

So. It’s really confusing. If I remove everything related to the lighttpd it will create its own rules next time based on me pressing allow or deny etc. But these rules have no effect as well as setting Allow TCP/UDP from ANY to ANY at ANY port. :slight_smile:
The log says exactly nothing. It just blocks the port 80 connect but doesn’t tell me why.
I consider this almost magical!

One interesting thing however is that in the connection list I can see lighttpd.exe having fun. Apparently having fun with UDP to 127.0.0.1 with about 3kB/s.

Hmm. I got it to work. I re-installed CPF but nothing really changed. It DID work briefly until I restarted the httpd and CPF again. After 30 minutes of struggling I finally found a checkbox named “Skip loopback (127.x.x.x) TCP connections” and checked that. Voila!

Question is - why? All rules are there and set correctly.
I do have a “Very high” setting on the Alert Frequency Level but that is the only special setting I have at the moment.

The same thing occurs if you start Microsoft's PWS (Personal Web Server) locally. It attempts to make a local loopback connection on the 127 subnet. Turning local loopback checks off in CPF means the web server can establish its internal routes successfully.

Sorry, I should have chipped this in earlier. Me bad.

Ewen :slight_smile:

I’m glad it worked for you.
I have that skip loopback TCP checked myself… ;D
That’s why I asked. :wink:

Have you tried to turn off things in security/advanced?
Good luck.

Yeah. I’m pleased that I got it to work.
During all my experimenting however, I got some unusual issues though, so the overall confidence for the firewall decreased a bit. Seemed like it was leaking and not detecting outward connections.
Later tonight I will re-install it once again and run some tests and I’m sure the trust in the software will come back. It was probably some mistake from my side.
It sure seems like one great piece of work and I’m convinced I will use it.

Choose “auto” when you install. :slight_smile: