My limited understanding is that the loopback range is 127.0.0.0 to 127.255.255.255, and that 127.0.0.1 to 127.0.0.1 connections are just a computer connecting to itself. Should you have a network rule allowing TCP/UDP, source IP 127.0.0.1–destination IP 127.0.0.1 and then below that rule have a network rule that blocks the complete loopback range from any source IP to a destination IP range of 127.0.0.0 to 127.255.255.255? Are there any other addresses in the 127.0.0.0 to 127.255.255.255 range that a home computer should need other than 127.0.0.1? I don’t understand much about the loopback & loopback security, except that after the SP3 install for some reason, I’ve got a lot of M$ services asking for loopback permission thru FX, and I don’t know for sure if this is normal. If I deny them, everything appears to work as normal as well. For the best security, should you just “skip” both the TCP/UDP loopback, and if you do that, will the network rules above secure the loopback? If anyone has a link explaining/understanding firewall loopback security, it would be appreciated.
The loopback interface, the entire range 127.0.0.0 thru 127.255.255.255, is your machine. The rationale for that goes way way back into the history of the Internet. By convention, the 127.0.0.1 address is known as “localhost” that applications can expect to exist. Over the years (decades, really), folks found that the 127.0.0.1 address was pretty much the only address in that entire range that was needed. There might be some very occasional application that would use some other 127.x.x.x address (NTP - network time server stuff, is one example), but those are extremely rare, and so tend to be very very well documented.
The Wikipedia entry on localhost might be informative, if you choose to go reading into the respective RFCs.
So far as CFP rules are concerned, for the most part you can ignore the 127.x.x.x address space, and CFP will properly secure that IP address range. When in doubt, check your CFP firewall log to see what it says.
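The two rules proposed in the question can be modelled as an ordered list and checked against a few flows. This is an added example, not part of the original posts and not CFP's own rule engine; first-match-wins evaluation, the `no-match` fall-through and the sample flows are assumptions made for illustration.

```python
import ipaddress

LOOPBACK = ipaddress.ip_network("127.0.0.0/8")   # 127.0.0.0 - 127.255.255.255
LOCALHOST = ipaddress.ip_network("127.0.0.1/32")
ANY = ipaddress.ip_network("0.0.0.0/0")

# The two rules from the question, in order. First match wins (assumed semantics).
RULES = [
    ("allow", {"tcp", "udp"}, LOCALHOST, LOCALHOST),
    ("block", {"tcp", "udp"}, ANY, LOOPBACK),
]
DEFAULT = "no-match"  # flow falls through to whatever rules come later

def evaluate(proto, src, dst, rules=RULES):
    """Return the action of the first rule matching this flow."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, protos, src_net, dst_net in rules:
        if proto in protos and s in src_net and d in dst_net:
            return action
    return DEFAULT

def describe(src, dst):
    """Classify a flow by whether each end is inside 127.0.0.0/8."""
    s_lo = ipaddress.ip_address(src) in LOOPBACK
    d_lo = ipaddress.ip_address(dst) in LOOPBACK
    if s_lo and d_lo:
        return "local"        # the machine talking to itself
    if s_lo or d_lo:
        return "suspicious"   # loopback address paired with a non-loopback one
    return "network"

# Constructed sample flows (not taken from any real firewall log).
SAMPLE_FLOWS = [
    ("tcp", "127.0.0.1", "127.0.0.1"),
    ("udp", "127.0.0.1", "127.0.0.2"),
    ("tcp", "192.168.1.50", "127.0.0.1"),
    ("tcp", "192.168.1.50", "192.168.1.1"),
]

def report(flows=SAMPLE_FLOWS):
    return [(p, s, d, describe(s, d), evaluate(p, s, d)) for p, s, d in flows]

if __name__ == "__main__":
    for row in report():
        print("%-4s %-15s -> %-15s %-11s %s" % row)
```

Swapping the order of the two entries in `RULES` makes the block rule match first, so even 127.0.0.1 to 127.0.0.1 is blocked.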