Windows: MCP-launched child processes cannot connect to localhost TCP services

[hatayama]

What version of Codex is running?

0.44.0

Which model were you using?

gpt-5-codex

What platform is your computer?

Microsoft Windows NT 10.0.26100.0 x64

What steps can reproduce the bug?

What steps can reproduce the bug?

Environment:

• OS: Windows 10 (10.0.26100)
• Codex: gpt-5-codex (config-based MCP)
• Node.js: v22.17.0
• Target: any localhost TCP service on 127.0.0.1:PORT

Reproduction project:
👉 https://github.com/hatayama/codex-mcp-test

The project includes:

• A minimal MCP server with a single tool check-tcp-connection
• Helper scripts (server.cjs, check.cjs) to set up and verify localhost TCP connectivity
• Full reproduction steps in the README

Steps:

1. Clone/download the reproduction project: https://github.com/hatayama/codex-mcp-test

2. Start the test TCP listener in one terminal:

   $env:PORT=8700; node .\server.cjs

   (Keep this running - you should see SERVER_LISTENING 127.0.0.1:8700)

3. Verify connectivity from external shell in another terminal:

   $env:PORT=8700; node .\check.cjs

   This should print SUCCESS

4. Configure Codex .codex/config.toml (see project README for full example):

   [mcp_servers.codexMcpTest]
   command = 'node'
   args = ['C:\abs\to\codex-mcp-test\dist\index.js']

5. Restart Codex to load the MCP server

6. In Codex, invoke the MCP tool check-tcp-connection (with server still running from step 2)

What is the expected behavior?

The MCP tool should successfully connect to the localhost TCP service and return:

TCP 127.0.0.1:8700: SUCCESS

This is what happens when running the same connection test (node check.cjs) directly from PowerShell or any external shell.

What do you see instead?

The MCP tool returns:

TCP 127.0.0.1:8700: FAILED (TIMEOUT)

or similar connection error (e.g., ECONNREFUSED, ETIMEDOUT).

Evidence:

• External shell (plain node check.cjs): ✅ SUCCESS
• Codex-launched MCP child process: ❌ FAILED
• netstat -ano shows no outbound connection attempt from the MCP child process PID during the test
• The localhost service is confirmed LISTENING on 127.0.0.1:8700 via netstat and Test-NetConnection

Mitigations tried (no effect):

• Added Windows Defender Firewall rules (inbound to local service, outbound from node.exe to 127.0.0.1:PORT)
• Verified localhost connectivity from PowerShell and external Node → success
• Checked loopback/AppContainer exemptions, hosts file, Winsock config → all OK

Impact:
Any MCP server that must communicate with a local TCP service (Unity game engines, local databases, Docker services, etc.) cannot function when launched by Codex on Windows. This significantly limits the utility of Codex MCP on Windows for development workflows involving local services.

Summary:
On Windows, MCP servers launched by Codex (as child processes) cannot establish TCP connections to localhost (127.0.0.1). The same Node.js code connects successfully when run outside Codex. The reproduction project is intentionally minimal (single tool, ~80 lines of TypeScript) to make verification straightforward.

Additional information

No response