3 Replies Latest reply on Aug 23, 2015 3:16 PM by catdaddy

    McAfee firewall blocks localhost in subprocess only

    michaeladamkatz

      This is a technical programming-related question about McAfee apparently blocking localhost (loopback, 127.0.0.1) connections, but only under a specific condition.

      I have installed McAfee (a trial version of LiveSafe -- Internet Security) on my PC. I am running a Python program that uses CherryPy to set up a web server on localhost (127.0.0.1). I have a separate program on the same machine that sends requests to the CherryPy program.

      This localhost communication fails (see log below) when McAfee firewall is on, and works when it's off.

      However, when I run the CherryPy server as its own application (e.g., start it from a cmd prompt), things work even with the firewall on. But when I let my main program launch the CherryPy/Python .exe as a sub-process (which is how my application normally works -- the main "browser" application launches the CherryPy app as a sub-process) it does not work.

      So to summarize:

      • My application needs to run this CherryPy server as a sub-process.
      • When McAfee firewall is active, it blocks the localhost communication between my main app and the sub-process.
      • But when I run the CherryPy app and my main app each as their own top-level application, everything works.
      • I tried making the obvious changes in the McAfee control panel to allow an exception for my program names (both the main application and the CherryPy server application), and the single port they use to communicate (56677), but it didn't help.

      I did some reading on the McAfee community blogs, and I see there has been a long history regarding the question of blocking or not blocking localhost. And then I also see something about "process spoofing". So I'm trying to understand why it blocks the sub-process, and whether there's a way (a) to configure McAfee not to do that while still leaving the firewall on, or (b) to launch my process in some different way that prevents this sub-process discrimination (I'm using the Win32 API CreateProcess() to launch it -- maybe ShellExecuteEx() would give different results?).

      Below is the CherryPy log showing it failing to start.

      [14/Aug/2015:19:45:39] ENGINE Bus STARTING

      [14/Aug/2015:19:45:39] ENGINE Set handler for console events.

      [14/Aug/2015:19:45:39] ENGINE Started monitor thread 'Autoreloader'.

      [14/Aug/2015:19:45:39] ENGINE Started monitor thread '_TimeoutMonitor'.

      [14/Aug/2015:19:47:20] ENGINE Error in 'start' listener <bound method Server.start of <cherrypy._cpserver.Server object at 0x02547250>>
      Traceback (most recent call last):
        File "cherrypy\process\wspbus.pyc", line 205, in publish
        File "cherrypy\_cpserver.pyc", line 168, in start
        File "cherrypy\process\servers.pyc", line 177, in start
        File "cherrypy\process\servers.pyc", line 233, in wait
        File "cherrypy\process\servers.pyc", line 459, in wait_for_occupied_port
      IOError: Port 56677 not bound on '127.0.0.1'
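
A diagnostic sketch for the situation in the post above, added here as an example and not code from the poster or from CherryPy: it starts a minimal loopback listener as a sub-process and reports separately whether the child bound the port, whether the parent could connect, and whether the child saw the connection. CherryPy's `wait_for_occupied_port` decides a port is bound by connecting to it, so "not bound" in the log can also mean the test connection was filtered. The names `CHILD_SRC` and `probe_child_listener` are hypothetical; on Windows, Python's `subprocess.Popen` launches the child through `CreateProcess()`.

```python
import socket
import subprocess
import sys

# Child process body: bind a loopback listener, report status on stdout,
# then wait for a single connection. (Constructed for this example.)
CHILD_SRC = r"""
import socket, sys
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
    s.bind(("127.0.0.1", int(sys.argv[1])))
    s.listen(1)
except OSError as exc:
    print("BIND_FAILED", exc, flush=True)
    sys.exit(1)
print("LISTENING", s.getsockname()[1], flush=True)
s.settimeout(float(sys.argv[2]))
try:
    s.accept()[0].close()
    print("ACCEPTED", flush=True)
except socket.timeout:
    print("NO_CONNECTION", flush=True)
"""

def probe_child_listener(port=0, timeout=5.0):
    """Start the listener as a sub-process, connect to it from the parent,
    and report which step of the loopback exchange succeeded."""
    result = {"port": None, "child_bound": False,
              "parent_connected": False, "child_accepted": False}
    child = subprocess.Popen(
        [sys.executable, "-c", CHILD_SRC, str(port), str(timeout)],
        stdout=subprocess.PIPE, text=True)
    try:
        status = child.stdout.readline().split()
        if status[:1] == ["LISTENING"]:
            result["child_bound"] = True
            result["port"] = int(status[1])
            try:
                socket.create_connection(("127.0.0.1", result["port"]),
                                         timeout=timeout).close()
                result["parent_connected"] = True
            except OSError:
                pass  # refused, filtered, or timed out
            result["child_accepted"] = child.stdout.readline().strip() == "ACCEPTED"
    finally:
        child.wait(timeout=timeout + 5)
        child.stdout.close()
    return result

if __name__ == "__main__":
    # 56677 is the port from the post; pass 0 to let the OS pick a free one.
    print(probe_child_listener(port=56677))
```

A result with `child_bound` true and `parent_connected` false points at loopback traffic being filtered rather than at a failed bind; comparing runs with the firewall on and off isolates which step it affects.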