Firewall question - didn't block what's set to block

We run TalkingTom2 app for kids. It’s blocked in the firewall from roaming the internet.
Yet when we run it, there always comes a suggestion to download something, and the router log confirms outbound to apps.outfit7.com and cdn.outfit7.com
I wonder why it would slip by Avast?

Edit: just title

It is not opened by application. You can block these URL in firewall too.

Thanks for answering.
What do you mean by “it’s not opened by application”? - it only happens when run TalkingTom2.
Regarding block by URL -

  • In addition to apps.outfit7.com, I saw apps2… so there maybe more, rough to do by url unless syntax would permit *.outfit7.com to take care of all of it.
  • But, I actually do not see a URL option. Just IP and port. So I made a custom rule for, what appears to be a hosting service on godaddy, and seems to indicate just one IP: 184.106.104.105. When I put it in, my router was silent, so I suppose this block worked. For all I know tomorrow the IP will change, they all do that.
  • Is there a way to rename the rule from New Rule+number, to its context, so that I can know when I read the rules?

So, please, educate me a tad more. And Merry Christmas to you!

Have you checked the manual?
It could be the info you are looking for is there.
http://files.avast.com/files/documentation/mobile-security-user-guide-en-v2-4-updated.pdf

According to page 8 of the pdf file it’s for WebShield.
I don’t seem to have WebShield.
Even if I did, it would not be useful, since it is not URL from the browser but an application.

What do you mean by “it’s not opened by application”? - it only happens when run TalkingTom2.

– means that the application contains add-on framework, which is responsible for this behaviour - you can see it privacy advisor

Regarding block by URL -

  • In addition to apps.outfit7.com, I saw apps2… so there maybe more, rough to do by url unless syntax would permit *.outfit7.com to take care of all of it.
  • But, I actually do not see a URL option. Just IP and port. So I made a custom rule for, what appears to be a hosting service on godaddy, and seems to indicate just one IP: 184.106.104.105. When I put it in, my router was silent, so I suppose this block worked. For all I know tomorrow the IP will change, they all do that.
  • Is there a way to rename the rule from New Rule+number, to its context, so that I can know when I read the rules?

– true. There is no possibility to add URL directly (but this can be implemented somehow and I will pass it to PM), only IP addresses;
– no, sorry, the rules can not be renamed, but I will also pass this idea to PM.

Anyway, I did install Talking Tom 2 and set this:

  • blocked all possibilities (wifi, 3G, roaming)
  • set firewall to (settings in upper right corner): enable ipv6, take highest priority, enable firewall log

Talking Tom restarted and assured, that it can not download anything from web (movie button, new + pad button, etc.)
Please try it on your side…