I am using slow GPRS connection to Internet (T-Mobile Czech Republic) and to speed up things a little bit I am using bit weird configuration of proxies. Browser connects to local squid which does caching. Squid connects to local Privoxy which does ad blocking and Privoxy connects to local GPRSpeed (NettGain1100) client which does compression and data tunneling to ISP gateways that pass it further to the Internet.
The problem is, when I configure web shield to port where squid or privoxy listens, everything works fine but when configured to port where GPRSpeed (NettGain1100) listens, internet connection works but nothing is scanned. I am playing with these more than hour and I am sure I am setting correct port. I am almost sure it worked with previous version of avast.
Any idea what is wrong? Can you provide or recommend me some tool to diagnose this problem further?
xtonda, you’re right in everything you said. Mozilla and squid is supported (is explicitly listed).
Unfortunately, we had to change the default setting from opt-out to opt-in in version 4.6.623 because of various incompatible programs. And I agree that such a setting would deserve a GUI control but it was too fast a decision to be possible to implement (please realize that every GUI change has to be translated to all supported languages - it this moment, 21 and counting)
Meanwhile, we’ll probably create a FAQ entry documenting this.
AOL Client Browser Top Speed compression
4X Made Easy - financial app from www.4xmadeeasy.com
McAffee Personal firewall GUI
The folks @Kerio are aware of some other (we’ve discussed this behavior with them - they’re using a similar approach for cookie and ad blocker in their Personal Firewall…). Same applies to ZoneAlarm.
Generally speaking, incompatible is every application that uses the HTTP port (80) to route some non-HTTP (or partially-HTTP) data (including custom HTTP commands etc).
Absolutely, we’re not aware of any problem in the WebShield proxy itself (it’s fully HTTP 1.1, 1.0 and 0.9 compliant, can handle SSL connections etc) but some apps simply don’t adhere to the standards… or don’t use the http protocol on port 80 at all (use a proprietary binary protocol, e.g. to trick the firewall into thinking that it’s letting in/out http traffic, actually - this is the case with some p2p apps, for example).