Knowledge Center

Applications that generate loopback traffic are blocked though the Host Intrusion Prevention Firewall when adaptive mode is enabled
Technical Articles ID:   KB89071
Last Modified:  4/7/2017


McAfee Host Intrusion Prevention (Host IPS) 8.0 Patch 8


Applications that generate loopback traffic may get blocked though the firewall if adaptive mode is enabled. 

The traffic is not blocked if you add an any-any allow rule at the top of the firewall rule set.

The event trace log (ETL) trace shows the following error message:

[23]08E0.0990::11/17/2016-21:47:46.542 [mfewfp]FAILING pend operation for loopback-ed inbound connect IO FFFFFA8019334620!
[23]08E0.0990::11/17/2016-21:47:46.542 [mfefirek]WARNING: FAILED to pend ask PP IO  0xFFFFFA80193AB970 PID 932 Proto 6 <-- FW_ACTION_BLOCK_PACKET
[21]1144.0980::11/17/2016-21:47:46.542 [mfefwctl]FW_LOG_EVENT_TYPE_INFO Reason 34E1D7BF-C294-4A66-8432-17D556BBC046


This issue is resolved in Host IPS 8.0 Update 9, which is available from the Product Downloads site at: http://mcafee.com/us/downloads/downloads.aspx.

NOTE: You need a valid Grant Number for access. KB56057 provides additional information about the Product Downloads site, and alternate locations for some products.

Updates are cumulative; Technical Support recommends that you install the latest one.


Create a firewall rule in the rule set to allow the incoming loopback traffic.

Rate this document


This article is available in the following languages:

English United States
Spanish Spain

Glossary of Technical Terms

 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.