I accidentally clicked the allow button for an application that was asking to connect to the internet when I meant to click on block. I decided to see what I could find out about what the program was trying to do by looking at the firewall events log (after unplugging my ethernet cable). There it shows the same number for the Destination IP as it shows for the source IP (target is “Out”). At a glance it seems like rather than trying to communicate with some external device across the internet it was instead sending a message back to my own computer via a different port.
Does my interpretation sound right? If so, why would a program be speaking to itself via my network? Is it possible that after choosing “Allow”, the program could have made other connections over the network that would not show up in the firewall events log? If so how can I discover what those are?