InformAction Forums

Problem:
I run an application on a computer in my lan network that offers me a REST interface to query status information, ... .
That computer runs windows 7, and is identified by hostname myhostname, and has two network interfaces(one lan, and one wifi)

I share my firefox profile over several computers in my home network, including the stationary mentioned above, and some notebooks.
Therefore, I access the REST interface using the hostname to get a url that works from all places (opposed to using localhost which only works on the desktop, or lan address that doesn't work over wifi):
http://myhostname:12345/service/status

When I type the url in the addressbar, everything works fine. But when I attempt to click a hyperlink (http://myhostname:12345/help returns a website listing all available operations), the ABE warning comes up:

Request { GET http://myhostname:12345/service/status <<< http://myhostname:12345/help, http://myhostname:12345/help - 6} filtered by ABE: <LOCAL> Deny

Okay, the warning offered me to tweak the options, so I clicked that. Unfortunately, instead of a simple e.g. Temporarily allow myhostname I am presented with the rule-list dialog. While the ? gives some information on how it's supposed to work (wtf is the syntax only in a pdf?), there is no information about the dialog. E.g. what are System rulesets, what User, how is their precedence, what is the precedence of rules, what is the WAN IP \elem LOCAL thing ...

So, in the dialog the comment for the main rule claims, it only allows lan sites to access lan ressources.
Now that is obviously wrong.

Based on what I've read the past 3 hours here in the forums, a dns is only then marked as local, if all ip addresses it points to are part of the private ip range.
Now myhostname has the following ip addresses:

Wireless LAN adapter Wireless Network Connection:
Link-local IPv6 Address . . . . . : fe80::xxx
IPv4 Address. . . . . . . . . . . : 10.x.x.x

Ethernet adapter Local Area Connection:
Link-local IPv6 Address . . . . . : fe80::xxx
IPv4 Address. . . . . . . . . . . : 192.x.x.x

Tunnel adapter Local Area Connection* 11:
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
IPv6 Address. . . . . . . . . . . : 2001:0:xxx
Link-local IPv6 Address . . . . . : fe80::xxx

The lan / wifi addresses are all private/link-local, but the Teredo tunneling thing has a public IPv6 (cf. http://en.wikipedia.org/wiki/Teredo_tun ... addressing).
Now, I did not install Teredo myself, it came shipped with windows (already since vista I believe).
So basically, I can't access any modern windows computer by its hostname in my lan?

Anyways, I just thought I'd probably have to include myhostname to the system rule that blocks everything: Needless to say, that doesn't work. I changed the order of LOCAL and myhostname, I added an extra rule for myhostname, I put it in the user set. Nothing worked.

Please try inserting this rule in the beginning of the SYSTEM ruleset (before the built-in LOCAL rule):

Not working.

My system ruleset (user ruleset is empty) is as follows:

Oops, wait. Did you say you need myhostname (always requested by name) to be accessible from myhostname itself? Or from all origins?
If the former (always in the beginning since first match wins inside a ruleset): If the latter, just

Giorgio Maone wrote:Did you say you need myhostname (always requested by name) to be accessible from myhostname itself? Or from all origins?

Right now, the former, but in the long run, the latter.
I don't have my laptops here with me now, so I can't test it on them.

Anyways, neither of your suggestions work.
It always claims to be blocked by the LOCAL rule.

I don't have to restart firefox, or do anything else to reload the rules, right?

meh_ wrote:I don't have to restart firefox, or do anything else to reload the rules, right?

If you're editing them from the NoScript Options|Advanced|ABE textbox directly, no. Otherwise (if you're using an external editor) you need to put back the focus on the Options dialog or restart the browser.

Anyway should just work, provided that it precedes the built-in LOCAL rule in the SYSTEM ruleset.
How does the host name actually look like?

I have this as system ruleset (edited as always directly in the options dialog): and it doesn't work.

I still get this error:

[ABE] <LOCAL> Deny on {GET http://myhostname:12345/service/status <<< http://myhostname:12345/help, http://myhostname:12345/help - 6}
SYSTEM rule:
Site LOCAL
Accept from LOCAL
Deny

in the addressbar, i entered http://myhostname:12345/help, and on that page I click a link with href="/service/status".

Giorgio Maone wrote: How does the host name actually look like?

Nothing special, just 4 alphanumeric characters.

I'm quite puzzled, however I suspect the hostname. Please try to use

That finally worked.