I have a suite of programs that work client-server, and that are often configured to work on a single machine. In that situation, I call bind to get an available socket from the server, note the information in the local registry (this is for Windows) and listen on the socket. The code is roughly as follows:

```cpp
sockaddr_in socketName;
memset(&socketName, 0, sizeof(socketName));
socketName.sin_family = AF_INET;
socketName.sin_port = (::htons (0));
socketName.sin_addr.s_addr = ::htonl (INADDR_ANY);
if (::bind (fMainSocket, (sockaddr*) &socketName, sizeof(socketName)) == SOCKET_ERROR)
{
    _Module.LogEvent (_T ("Failed to bind to socket on port %d"), proxyPort);
    throw SilentException (); // throw to get into the catch block's clean-up
}
const int kBackLogLimit = SOMAXCONN;
if (::listen (fMainSocket, kBackLogLimit) == SOCKET_ERROR)
{
    _Module.LogEvent (_T ("Failed to listen to socket on port %d"), proxyPort);
    throw SilentException (); // throw to get into the catch block's clean-up
}
```
This works fine. However, when clients have some firewalls installed, such as Norton Internet Security, it seems to default to blocking all socket binds. Usually the client gets a scary dialog that says that the program is trying to listen for connections to other computers. I believe at other times it simply blocks the connection without any alert at all (perhaps because this code is part of a service that can be run at startup, which might be an awkward time to bring up the alert).

So my question is whether there is a way to set up the request so that firewalls do not perceive it as a threat.

Also, it might be a good idea to take the threat seriously, in which case my other question is how can I modify the code so that it only accepts connections from the local machine?
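One way to restrict the listener to the local machine, as an added example that is not part of the original post: bind to `INADDR_LOOPBACK` instead of `INADDR_ANY`, read back the OS-assigned port with `getsockname`, and check the bound address at startup. `ListenOnLoopback` and `IsBoundToLoopback` are hypothetical names; the non-Windows branch is there only so the code also builds on POSIX.

```cpp
#ifdef _WIN32
#include <winsock2.h>   // link with ws2_32.lib; assumes WSAStartup() was already called
typedef int socklen_t;
#else
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <unistd.h>
typedef int SOCKET;
const int INVALID_SOCKET = -1;
const int SOCKET_ERROR = -1;
inline int closesocket(SOCKET s) { return ::close(s); }
#endif
#include <cstring>

// Hypothetical helper: returns a listening socket bound to 127.0.0.1 and
// stores the port the OS assigned in *port; returns INVALID_SOCKET on failure.
SOCKET ListenOnLoopback(unsigned short* port)
{
    SOCKET s = ::socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
    if (s == INVALID_SOCKET)
        return INVALID_SOCKET;

    sockaddr_in name;
    std::memset(&name, 0, sizeof(name));
    name.sin_family = AF_INET;
    name.sin_port = htons(0);                       // 0 = let the OS pick a free port
    name.sin_addr.s_addr = htonl(INADDR_LOOPBACK);  // 127.0.0.1 instead of INADDR_ANY

    socklen_t len = sizeof(name);
    if (::bind(s, (sockaddr*)&name, sizeof(name)) == SOCKET_ERROR ||
        ::getsockname(s, (sockaddr*)&name, &len) == SOCKET_ERROR ||  // learn the assigned port
        ::listen(s, SOMAXCONN) == SOCKET_ERROR) {
        closesocket(s);
        return INVALID_SOCKET;
    }
    *port = ntohs(name.sin_port);   // the value to record for local clients
    return s;
}

// Startup self-check: true only if the socket's local address is 127.0.0.1.
bool IsBoundToLoopback(SOCKET s)
{
    sockaddr_in name;
    socklen_t len = sizeof(name);
    if (::getsockname(s, (sockaddr*)&name, &len) == SOCKET_ERROR)
        return false;
    return name.sin_family == AF_INET && name.sin_addr.s_addr == htonl(INADDR_LOOPBACK);
}
```

A socket bound this way accepts only connections addressed to 127.0.0.1, so local clients must connect to that address and the recorded port rather than to the machine's external address.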