-solved-

-solved-

In the context of your OS’s network you might think of 0.0.0.0 as “local traffic” created by the Operating Systems’ internal dialog.

http://www.rfc-editor.org/rfc/rfc3330.txt

RFC 3330 Special-Use IPv4 Addresses 2. Global and Other Specialized Address Blocks

0.0.0.0/8 - Addresses in this block refer to source hosts on “this”
network. Address 0.0.0.0/32 may be used as a source address for this
host on this network; other addresses within 0.0.0.0/8 may be used to
refer to specified hosts on this network [RFC1700, page 4].

In the context of a network routing table, 0.0.0.0 means "default route", sometimes referred to as "the route of last resort". When a program sends a packet to an address that does not appear on the computer's routing table, the packet is forwarded to the gateway for 0.0.0.0, which is hopefully able to route it to the correct address.

That is correct but probably more of a consideration if you are configuring router rules.

So if its just local traffic I can allow all ports for 0.0.0.0 ?
I can't advise you on that, sorry. :-[ I'm not currently able to play with CPF due to other commitments. :( That's a decision that you'll have to make depending on your network and system environment. Which process is listening, is your LAN trusted? (Who and what are listening, do you trust your local network?) Let's get someone more familiar with CPF to answer that.

Hi. Yes, you can usually allow 0.0.0.0 traffic, it is local traffic. I think CFP 2.4 ignores local UDP traffic by default. Its definable for both UDP & TCP, loopback options in CFPs configs (Security tab - Advanced). It does really depend on the port. Anything unusual?

One more bit of info - if your LAN is configured to use DHCP and it runs out of address to allocate (i.e. if your router is set up to provide addresses for 4 PCs and a fifth one tries to login) the PC that can’t be granted an address assumes the address of 0.0.0.0

Hope this helps (rather than just muddying the waters ;))
Ewen :slight_smile: