How to allow "local" Internet access but deny "real" Internet access?

[mattad]

At first I installed the well-known, free Oracle SQL Developer tool which allows the user to peek into and manage a Oracle database.
In my case the Oracle database is a locally (on my computer) installed free (=Express) version of Oracle.

When I start now SQL Developer tool LnS (v2.06) pops up a prompt:

SQLDEVELOPER.EXE
This software would like to connect to Internet.
Do you authorize it to connect?

Automatically I deny all outgoing traffic because I thought that SQL Developer want to transfer some user installation information to Oracles home server.

But much to my surprise this was not the case.
After detecting that SQL Developer does NOT work after denial I investigated the situation and found out that SQL Dev just wanted to access the Oracle Database listener on local port 1521.

The prompt is very misleading. If I remember it well the "Internet connection" alarms just local network adapter access appear from time for other programs as well.

How can I allow all already existing programs and all programs which I will install in future to connect all local "Internet" ressources but deny all "real"
connection which are located outside of my computer?

Matt

[Frederic]

Quote:

Originally Posted by mattad

[...]
The prompt is very misleading. If I remember it well the "Internet connection" alarms just local network adapter access appear from time for other programs as well.

Yes, this is because Look 'n' Stop alerts as soon as a connection is detected without knowing yet if it will be used locally, or really for internet.

Quote:

How can I allow all already existing programs and all programs which I will install in future to connect all local "Internet" ressources but deny all "real"
connection which are located outside of my computer?

You can't do it when the prompt appears. You can do it after the application is added to the list of applications. Double-click on the application in the list (or use the Edit button), and enter 127.0.0.1 for the IP address the application can connect to (for UDP and TCP). This feature is available only when the Advanced mode is selected (in the advanced options).

Regards,

Frederic

[mattad]

Quote:

Originally Posted by Frederic

You can't do it when the prompt appears. You can do it after the application is added to the list of applications. Double-click on the application in the list (or use the Edit button), and enter 127.0.0.1 for the IP address the application can connect to (for UDP and TCP). This feature is available only when the Advanced mode is selected (in the advanced options).

Hmm, this is bad.

When the prompt appears what should I do?
Allow -> Program can connect to its home server (at least once)
Deny -> Installation is not possible

Is it possible to setup a general rule? Something like:
"Allow all programs to access 127.0.0.1 (or 192.168.*.*) regardless wether another rule exists which deny internet access."

If not: This is a real problem. You should find a solution for the next release.

Matt

[Phant0m]

If you enabled 'Advanced Mode' listed in 'Advanced Options' (Look 'n' Stop 'Options' Tab/screen, 'Advanced Options' button). This will allow you to control Applications IP and Ports through 'Application Filtering' Tab/Screen when double-clicking on an added application entry in the list of applications. It doesn't matter if you Authorized the application or denied the application first.


Regards,
Phant0m``