firewall rules

I just deleted all rules, switched back from Home zone to Work zone, set policy on auto-decide, rebooted:

OK launching Firefox, and I’m being asked, although auto-decide was set:

http://i349.photobucket.com/albums/q389/fantome_02/ffalert.jpg

Then I look at the rule that was created, and although the alert stated “friends in/out”, the rule states “friends and internet out otherwise ask me” … I guess the alert was only related to the web shield interference.

http://i349.photobucket.com/albums/q389/fantome_02/ffrule.jpg

also noticing that all system related rules that were automatically created after the software install are, once deleted, not created again.

sounds like many rules are created in the background now, whether policy is set to ask or auto-decide :-\ … I’ve launched some apps that didn’t trigger any alert, no rule was automatically created, at least visibly…

I conclude from parsing the threads here that the firewall module is an overlay for the Windows firewall. You won’t have much control over it.

I’m thinking that’s why my posting
http://forum.avast.com/index.php?topic=53789.0
has remained unanswered.

Looks like you can make any rules you want as long as they’re avast! rules. 8)

Clearly, this forum needs a separate board for firewall users. Way too much Free and Pro chatter in this one.

Good luck!!

I doubt that as in the beta tests many people disabled the windows firewall, although there is supposed to be no conflict with it or need to disable it. So to me that would indicate it isn’t simply an overlay.

I’m thinking there are very few people outside of the Alwil team that have that much experience on the avast firewall to respond to or much less help with the question. I think what Alwil have been trying to do with the firewall is similar to what they are doing with the antivirus, take the questions away from your average user. So perhaps it isn’t as configurable as the old style firewalls.

It’s a new concept I’m sure about it and that’s why I’m interested in it and I’m running it for now. A concept obviously meant to avoid a maximum of alerts to the user if fw is set to ask. I’d just like to have more precisions about the auto-decide behavior, as it also seems to interfere when the firewall is set to ask. Also, we badly need a neutral and professional test with it. I hope Matousec will take care of that soon or later, where soon would be better ;D I know there’s been some controversy about Matousec but I can’t think about anyone else doing the tests so deeply. Any suggestion welcome :wink:

Another obvious thing is that we don’t have here a tweak-able firewall, like protocols aren’t accessible in the application rules as well as many other things. If the firewall is leak-proof I don’t care, but I’d like to be sure.

I would have thought that ShieldsUp at grc.com would be a start as essentially firewalls are about stealthing your system and secondly about outbound connections and what gets out, etc.

OK so I should have added outbound-proof, because network security is not just a matter of port, but also how good a firewall is at blocking unwanted outbound connections. To stealth ports, my router’s firewall does the job alone :wink:

Yes a router would do that or most would accomplish that, but it was more a test of the firewall if the router could be bypassed.

I know… OK so, on ShieldsUp, except for ping that I allowed purposely just now on the router for the test, so ping failed (ie system responded), all ports are stealth when router’s firewall deactivated :wink: … sounds good, but I need to know how solid is the outbound protection. There are tests available that you can run yourself, but Comodo made them so ;D …not sure about neutrality there :smiley:

A promising start apart from the ping, a common knock, knock, to see if anyone is home ;D

Understand what you mean by neutrality.

two other questions about how rules are made:

1. deleting a rule (made after a first alert) for an application doesn’t necessarily mean that you’ll get a new alert when launching this same application again

2. WLM rule: I get three alerts, all of them on MS IPs on port 80, the rule is already created after the first alert has been answered, why do I get two new alerts ??? same protocol etc… just the IP changes…and of course no sub-rule gets added to the list.

I’d like to insist on that because I just tried it again: deleting an application rule and launching this app doesn’t trigger anything, no alert, nothing, even with “auto-decide” on. I got the feeling the rule is kept, after deletion, somewhere in the firewall configuration files and therefore will never appear again in the UI list…

no alert, no rule, nothing when an application launches a link in a browser, like Thunderbird or TweetDeck >>>> Firefox…

I see now in the log that an app running in the background (something that I know) has been blocked, and it refers to rule *8 ???

I see now (I should have opened the file before :slight_smile:) that tens of rules that don’t appear in the GUI are still stored in:
C:\ProgramData\Alwil Software\Avast5\fw\rules.xml

cool, why isn’t that reflected in the GUI ? also some rules that I deleted are still there :smiley:

just deleted the rules.xml file and rebooted, with the firewall set to ask, found when logging in that it was as expected created again, but unexpectedly filled with the same content as previously, tens of rules created again automatically with no prompt and nothing appearing in the application rule panel.

edit: so there must be another way to reinitialize the firewall more effectively, and have it behave like it did just after the install, with prompts ??? no ? ;D but how ? must be another file to take care of…

avast has in the past had an integrity checker, so I can only assume that something like this is going on here, where it replaces the missing file, but must as you suggest have a backup of your settings/rules somewhere.

don’t want to go into the details, off topic here and would be too long. I went through some sort of disaster on my system this afternoon, that I could have avoided but I made a mistake in the process of recovering. Anyway, it all started when I deleted the content of rules.xml (edited, I didn’t delete the file) and rebooted. Found an empty desktop, logged out, could log back in and found tens and tens of entries in Windows events related to DCom and NT/authority errors. I rebooted another time and got the empty desktop again. How I recovered from that is another story but I think what happened is that by deleting all the content of the firewall rules, all internal traffic in Windows got blocked ;D

back on AIS, I started this thread while back on “free”: after upgrading to 5.0.393, I found that the firewall seems to behave much better now, with rules created automatically when config on “auto-decide”. More on this as it comes and as needed.

just to mention the pop up about new network detection is still there after each reboot, as if after a fresh install. Also, I just uninstalled an app that had a rule, and I don’t want to delete this rule as I still have no idea if it will appear again in the UI rules panel if I ever reinstall this same app. It used to never appear again there, but was kept in rules.xml after deletion in the UI.