firewall blocking of loopback connection

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
Hi,

My question, in short, is:

Are software firewalls in their default configurations
likely to block a connection from a program *to itself*?

Background:

I am working on a thick-client application that serves
a lot of content as locally generated and modified
web pages.

I've embedded a webserver in that client so that it serves
up pages like http://localhost:<someport>/path/to/content/.
After loading the pages AJAX is used to update the pages.

This approach provides a lot of functionality I want, but I want
to avoid any problems with end-users' firewalls blocking the
localhost connection, or annoying them with warning messages.

I'm sure that these connections *could* be blocked -- my
question is whether such connections are likely to be blocked.
For example, would they be blocked with the default configurations
of popular firewalls.  First of all I'm interested in {Windows XP,
Windows Vista} x {Windows Firewall, Norton Firewall, ...}.  But
I'm also interested in Mac or Linux data.

Thanks a lot,
David


Re: firewall blocking of loopback connection

Quoted text here. Click to load it

The products you're talking about are not FW(s), at best, they are packet
filters. The Loopback IP shouldn't be blocked, and I know XP's and Vista's
FW(s)/packet filters  have no rules established to do this. Some of these
other 3rd party solutions shouldn't be blocking on the Loopback IP either,
but I guess you'll have to test your solution against them.


Re: firewall blocking of loopback connection
Mr. Arnold wrote:

Quoted text here. Click to load it

 > on the Loopback IP either, but I guess you'll have to test
 > your solution against them.

In my experience, sadly, they do. And because they shouldn't, it's obvious
that they're ridicolously misconfigured by default.

Re: firewall blocking of loopback connection
Quoted text here. Click to load it

Not sure about how likely that is, but some Personal Firewalls do that,
yes. However, the packet filters that come with the operating systems
(Windows Firewall, ipfw, netfilter, ...) don't.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Site Timeline