Support handling localhost requests and external network requests separately
Created by: ssokolow
I like Douane in principle, but it would be a lot more useful to me if I could configure it to automatically allow requests on the loopback adapter and only bother me about requests that actually leave my PC. (Both for minimizing annoyance and as a second layer of defense on daemons which need a local loopback socket but should never be exposed to the wider world.)
As-is, its behaviour is so counter-intuitive that, at first, I had to double-check that I hadn't misconfigured my system when it asked permission to let things like LCDd, vim.gtk, and hddtemp use the network. (They all have things like Bind=127.0.0.1
in their config files and communicate via loopback sockets.)
I'm not asking for fancy filtering either. (I already saw a feature request for that.) I'm just asking for a toggle along the lines of "Silently allow communication via the loopback adapter"
As-is, I can't even trust it to reliably verify that my DRM-free games aren't phoning home because I had to allow communication for various various language runtimes which only perform loopback requests in normal operation here.