Webshield and Internet connection reset

Hello

I’ve been experiencing a lot of problems recently with my internet connections. I am using XP home edition and the latest version of avast free edition.

I originally thought that it was FFox 3.01 that was causing the problem which I uninstalled and went back to version 2.0.0.16 but the same thing was happening even with IE7. Reinstalled winsock, TCP IP and flushed the DNS cache, spent hours on the phone to my ISP, reconfigured my broadband modem multiple times, multiple virus checks etc… all to no avail.

I have only just discovered the culprit - Webshield which was causing Firefox to give me a message that my internet connection was being reset and denying me access to the web. I had configured Webshield to disable the “scan all files” web protection option and enabled scanning only for downloadable executable files in web traffic( as per the Error loading websites mozzillazine article) but it was still causing problems. I have now disabled it altogether and everything is working fine.

I notice in the support FAQ Web Shield Issues :

Check your firewall configuration. For the correct operation the Web Shield process (ashWebSv.exe or aswWebSv.exe) needs a permission to access the Internet (TCP port 80) and a permission to act as a server and accept incoming connections from localhost (the local machine) on TCP port 12080.

My question is that I use WAMP for development and for a local copy of my website and Apache uses port 80 - is there another port that I can use for Webshield. I also occasionally use a proxy program that use localhost port 8580. How do I configure it to work in that situation?

Many thanks for your help.

Jean

Yes, just configure it into WebShield “Redirected HTTP ports”.

Add it there and uncheck ‘Ignore local communication’.

Many thanks Tech

I’ve reactivated Webshield and entered the port 80.8080.3128 in “Redirected HTTP ports” as per your image and the reconnection reset problem has also disappeared. Have yet to test it with the proxy server running but hopefully it will work then too.

Well done, appreciate it very much.

Jean

The default is only 80
The others will be there with commas: 80,8080,3128

Hi Tech

Thanks again. Changed the settings as you suggested. I wrote a bit too soon because when I restarted Firefox with Webshield enabled the same connection problem comes back, but it disappears when I have it disabled.

Do you have any idea what causes this and a possible fix?

Also if the default is port 80 for Webshield will it not conflict with Apache running on the same port?

Cheers

Jean

First, let only 80 there. No need for the others.

No, avast WebShield just scan the traffic: Internet > Webshield > your browser.
Which port does Apache use? I mean, other than 80, as a proxy. Or none?

Hi Tech

Apache uses port 80 and MYSQL uses port 3306. No Proxies as far as I can tell.

Jean

Did you try adding 3306 to redirection ports and uncheck the ‘Ignore local communication’ option? Won’t avast scan the http traffic over that port?
Maybe you’ll have to use the optin method into avast4.ini file for WebShield… ???

Hi Tech

Thanks for the last reply. I have left Webshield disabled for the time being as I’ve had other issues to deal with. We’ll have to sort that one another day but thank you very much for your great help so far.

One of those issues which is outstanding is to do with Spamihilator. I did not whether I should start a new post so if it’s in the wrong place, please move it.

I uninstalled Spamihilator (did not change any settings when I installed it) and I am getting an error when sending mail from OE - have not received any response to a post on their forum see (http://www.spamihilator.com/forum/viewtopic.php?f=22&t=7549&sid=ab6619c427ccc0e64c8556e970c93599) and it has just occurred to me that avast might be causing the error:

An unknown error has occurred. Subject ‘…, Account: ‘…’, Server: …’, Protocol: SMTP, Server Response: '550 No SMTP server defined. Use real server address instead of 127.0.0.1 in your account’, Port: 25, Secure(SSL): No, Server Error: 550, Error Number: 0x800CCC69

My server ports settings is OE are Outgoing mail (SMPT) 25 - SSL is not ticked.

When I stop Internet Mail scanning the messages go through without any problem. If I activate/pause the service then the same error occurs. This is the aswMaiSv.log:

09/19/08 18:00:34 000017F0: Started as service, Log = 1
09/19/08 18:00:34 000017F0: Build 4.8.1229
09/19/08 18:00:34 000017F0: Windows XP Workstation (Service Pack 3)
09/19/08 18:00:34 000017F0: AutoRedirect settings changed 1
09/19/08 18:00:34 000017F0: IgnoreLocalhost settings changed 1
09/19/08 18:00:34 000017F0: POP Start settings changed: 1
09/19/08 18:00:34 000017F0: POP Listen settings changed: 127.0.0.1 12110
09/19/08 18:00:35 000017F0: POP RedirectPort: 110
09/19/08 18:00:35 000017F0: SMTP Start settings changed: 1
09/19/08 18:00:35 000017F0: SMTP Listen settings changed: 127.0.0.1 12025
09/19/08 18:00:36 000017F0: SMTP RedirectPort: 25
09/19/08 18:00:36 000017F0: IMAP Start settings changed: 1
09/19/08 18:00:36 000017F0: IMAP Listen settings changed: 127.0.0.1 12143
09/19/08 18:00:36 000017F0: IMAP RedirectPort: 143
09/19/08 18:00:36 000017F0: NNTP Start settings changed: 1
09/19/08 18:00:36 000017F0: NNTP Listen settings changed: 127.0.0.1 12119
09/19/08 18:00:37 000017F0: NNTP RedirectPort: 119
09/19/08 18:05:09 000017F0: Stopped

Could it be the Listen settings that’s causing this to occur and if so would you please let me how to restore the default settings?

The relevant section from my avast4.ini file is as follows:

[MailScanner]
PopRedirectPort=110
SmtpRedirectPort=25
ImapRedirectPort=143
NntpRedirectPort=119
IgnoreAddress=
IgnoreLocalhost=1
AutoRedirect=1
StartPop=1
StartSmtp=1
StartImap=1
StartNntp=1
ShowTrayIcon=1

The way that I’m getting around it at the moment is to move the message to the Drafts folder, click send, close and restart OE and it then goes off happily.

Thank you again in advance for your help.

Jean

WebShield has nothing to do with OE and mail scanning… but maybe if it is another problem it could be a firewall blocking, couldn’t it?

Spami would change the port 110 (POP) to 120 only, won’t change SMTP port (25).

Is your server set correctly pop..com or something like that?

This is correct.

Seems ok…
http://forum.avast.com/index.php?topic=1647.msg10267#msg10267

Thanks Tech,

I think that I resolved the OE problem by deleting the account and reinstalling avast and then reinstating the OE account.

With Webshield I followed the video for Firefox instructions - Configuration of the Web Shield HTTP proxy at http://support.avast.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=2212 and Redirected HTTP ports (80) with Enable Web scanning, Use intelligent stream scanning, Ignore local communication ticked with Webshield. The problem seems to have disappeared.

It even works when the proxy server that I am using replaces the port to 8580 in Firefox. Don’t ask me how or why.

Thanks again for all your help, Tech.

Regards

Jean

Are you sure? I don’t think WebShield will scan port 8580 with this configuration…

Humm! ??? You got me stumped once more.

With Ignore local communication ticked WS shows:
Last scanned: 0 Scanned count: 0 - I supposed that this would indicate that WS is not scanning port 8580 - unless it had already scanned the open pages. I did try to open other pages and the scan stats did not change.

With Ignore local communication unticked:
Last scanned: http:…localhost/dolibarr/htdocs/ Scanned count: 1 but I also get the Pageload error that occurred before with outside web sites (see attached gif) when I try to log into the localhost program. It’s stopping the opening of pages that I have running with WAMP (localhost: Apache on port 80). It allows their opening when Ignore local communication is ticked.

I also enclose a screen print of the present proxy settings on Fifrefox and Webshield. By the way the proxy program that I am using is called Freegate.

Can you make sense of this?

Jean

Hi Tech

I think that this problem is finally solved:

Added port 8580 to Redirected HTTP ports in WS (80,8580) and ticked Ignore local communication - WS seems to be scanning as it now shows Scanned Counts as 25. Also have no problem accessing local host program running on WAMP. Phew! ;D

Jean

Now it’s better. Thanks for posting back. Feel free to come back any time you need help or just to enjoy the forums.