Local Machine TCP

Hello everyone. I have some questions regarding local machine TCP connections. Some of the applications I have installed on my system require local TCP access to communicate with various different system components in order to function properly or, in some cases, even to run at all. I’m a long-time Comodo user and I find it a very versatile application; however, I’ve been trying my best to figure out a way to allow these applications the local connections they require while at the same time denying them any access to the internet, and I’m stumped. Is there any way to accomplish this? I do not trust the application vendors when they tell me that no data is being transferred over the internet. I realize that piracy is rampant and they must protect their product, but I didn’t fork out good money to leave myself vulnerable in this way.

Thanks for reading. I look forward to any replies and hope to see one with a solution :slight_smile:

Create network zones.

The appropriate ones are usually loopback (127.0.0.1) and LAN (e.g., 192.168.0.1-192.168.0.255).

When your applications ask for them, allow your strategy rules (TCP and UDP if needed) only if both source and dest are LAN; then write exactly the same rule below the first one, any IP, block.

Some applications also might ask for broadcast permissions (255.255.255.255, 239.255.255.250…):
allow only if the application does not work locally without them; block anyway if you don’t need internet for this application (e.g., I never use my HTML editor to upload the HTML files I write, although it of course has this ability: blocking rule).

You can also write a global rule, TCP and UDP, both, source AND dest = LAN, ports = any, allow.
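
The allow-then-block ordering described in the reply above can be checked with a small model. This is an added example, not part of the original posts and not Comodo's own code or configuration format. It assumes rules are evaluated top-down with the first match winning; the separate loopback rule, the `Rule` class, the `decide` function and the sample addresses are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

def ip_range(first, last):
    """Inclusive IPv4 range as a (low, high) pair of integers."""
    return int(ipaddress.ip_address(first)), int(ipaddress.ip_address(last))

# Network zones named in the reply; the LAN range is the reply's example range.
ZONES = {
    "loopback": [ip_range("127.0.0.1", "127.0.0.1")],
    "lan": [ip_range("192.168.0.1", "192.168.0.255")],
    "any": [ip_range("0.0.0.0", "255.255.255.255")],
}

def in_zone(addr, zone):
    n = int(ipaddress.ip_address(addr))
    return any(lo <= n <= hi for lo, hi in ZONES[zone])

@dataclass(frozen=True)
class Rule:  # hypothetical rule shape, not Comodo's format
    action: str        # "allow" or "block"
    protocols: tuple   # e.g. ("tcp", "udp")
    src_zone: str
    dst_zone: str

# Per-application rules: local traffic allowed first, identical rule with any IP blocked below.
APP_RULES = [
    Rule("allow", ("tcp", "udp"), "loopback", "loopback"),
    Rule("allow", ("tcp", "udp"), "lan", "lan"),
    Rule("block", ("tcp", "udp"), "any", "any"),
]

def decide(rules, proto, src, dst, default="block"):
    """Return the action of the first rule matching protocol, source and destination."""
    for rule in rules:
        if (proto in rule.protocols and in_zone(src, rule.src_zone)
                and in_zone(dst, rule.dst_zone)):
            return rule.action
    return default

if __name__ == "__main__":
    # Constructed sample connections (203.0.113.10 is a documentation address).
    samples = [
        ("tcp", "127.0.0.1", "127.0.0.1"),          # local component traffic
        ("tcp", "192.168.0.10", "192.168.0.20"),    # LAN to LAN
        ("tcp", "192.168.0.10", "203.0.113.10"),    # internet destination
        ("udp", "192.168.0.10", "239.255.255.250"), # multicast outside the LAN zone
    ]
    for proto, src, dst in samples:
        print(proto, src, "->", dst, decide(APP_RULES, proto, src, dst))
```

In this model the multicast and broadcast destinations fall outside both zones, so they hit the block rule unless a specific allow rule is placed above it, and putting the block rule first stops the local traffic as well.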