Concerns/issues With AIS Firewall.

I’ve just switched my security setup over to AIS from MSE and Windows Firewall. I never had any problems or complaints with the previous setup, but I just felt like something different. So far, I’ve been impressed. :slight_smile:

However, I had some weird issues last night with the latest beta of Google Chrome:

  1. After initial AIS installation, I could not access the net via Chrome. The firewall created a default rule (Internet out; All others ask), but that blocked it still.

  2. All other browsers were fine. I then manually added an “Internet In” rule to Chrome and that allowed access.

  3. For testing, I then removed Chrome and the Google group from the firewall. I then started Chrome again and allowed the AIS defaults. This time, the defaults worked. The defaults were different, though, in that the firewall added specific ports chrome is allowed to access for “Internet Out”.

So, something seems a little buggy here and I’m not entirely confident in the firewall. The rules for each browser are different as well, which doesn’t make sense to me:

IE- Allow all connections.
FF: all outbound, inbound friends only, all others auto-decide.
Opera: All outbound, all others auto-decide.
Chrome: All outbound (with specific ports), all others auto-decide.

Also, after deleting and then adding back rules for Chrome, I had to reboot as the UI would not allow me to view the new auto created rule…it was “stuck”.

Anyone have some thoughts on these issues?

Thanks :slight_smile:

Just an update.

AIS has now automatically changed the rules for Chrome 3-4 times so far today even after I added my own. This doesn’t seem normal at all. A browser is a browser as far as a firewall is concerned is it not? :wink:

And the UI is most certainly buggy. More often than not, when a rule it automatically created I can’t view that rule until I reboot.

Thanks :slight_smile:

If the firewall is set on auto-decide mode, then rules can change. “All others auto-decide” means that the firewall will determine if these other connections are safe to be allowed. If it permits them, the application rules will be automatically modified.

Of course, rules may be different for different applications, even if they are of the same type. For instance, some might require more connections, etc. To decide, the firewall uses some sort of whitelist/blacklist, and its heuristic module.

That’s not supposed to happen. Try to repair avast (Control Panel>Add/Remove Programs>AIS>Repair)

Rules may be constantly modified, due to the firewall’s behavioral analysis of the program. Each time you re-launch the application, it will perform some heuristic checks.

rules don’t really change for Chrome, what you see is newly created rules added to what’s been set already for Chrome, meaning chrome update checks, extension update checks, https connections etc… you won’t see much of the details in Avast firewall UI, it’s all stored in a file called rules.xml

Alright. That does make sense based on your explanations. Thanks, guys. It’ been a while since I’ve used a third party firewall, so I guess the tech has changed a little since then :wink:

I’ll try to repair Avast too see if that cures my UI glitches.

Thanks again :slight_smile: