机器上的防火墙是仅阻止来自机器外部的内容还是阻止来自机器上的进程的内容? [英] Does a firewall on a machine only block stuff from outside the machine or also from processes on the machine?
问题描述
运行在计算机上的防火墙是仅阻止该计算机外部的内容,还是阻止计算机上通过端口进行通信的进程之间的通信?
Does a firewall running on a machine only block stuff from outside that machine, or do they block communication between processes on a machine communicating via ports?
具体地说,我正在编写一个Windows服务,它将为计算机上的其他进程公开一个http RESTful服务.该服务将在非/私有范围内的标准端口-即不是端口80或类似端口.我是否需要担心计算机上可能正在运行的任何防火墙?
Specifically, I'm writing a windows service which will expose an http RESTful service for other processes on the machine. The service will be running on a non-standard port in the dynamic/private range - ie not port 80 or similar. Do I need to worry about any firewall that might be running on the machine?
这将仅部署到Windows计算机上-但是我想这是一个普遍的问题.
This will be deployed only to windows machines - but I guess it's a general question.
(Asked earlier on SF but perhaps this is more of a dev-focused question)
推荐答案
防火墙通常会根据协议(tcp,udp,http等),端口和/或ip阻止网络调用.因此,如果您有本地进程对您的回送地址(127.0.0.1)进行tcp/ip调用,那么可以,防火墙可能会影响本地进程.
Firewalls usually block network calls based on protocol(tcp, udp, http, etc), port, and/or ip. So if you have a local process making a tcp/ip call to your loopback address (127.0.0.1) then yes the firewall could be affecting the local process.
为更具体地回答您的问题,大多数防火墙程序应配置为仅允许特定的地址和端口,并阻止其他所有内容.因此,我认为您应该在设计中考虑这一点.
To be more specific to your question, most firewall programs should be configured to only allow specific address and ports and block everything else. So I would think you should consider this in your design.
这篇关于机器上的防火墙是仅阻止来自机器外部的内容还是阻止来自机器上的进程的内容?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!