Webshield and Sygate Personal Firewall

[sded]

There have been some previous messages on the problems using Sygate Personal Firewall with Webshield.  SPF has a flaw in that it does not recognize local proxies.  So if you turn on Webshield, everything going out or in as http:// has a source of Webshield and is allowed by Sygate.  If you want to avoid unknown programs accessing the web, set up your browser(s) to use an http:// proxy of 127.0.0.1, port 12080, and set up 12080 as the redirected http port in Webshield.  Then all traffic from your trusted browsers will go through Webshield and show up in the Sygate log with a Webshield source, all https, ftp and other will go though Sygate normally,and  any new program requesting http access will be challenged by Sygate as usual. 

[Vlk]

It shouldn't be necessary to set the redirect port to 12080. Just disable redirection in general (by leaving the redirected ports field empty).

It's pointless to redirect communication on port 12080 if you manually reconfigure your web browser to use proxy on this port.

Anyway, thanks for sharing with our forum users. I've been monitoring your discussion on the DSLReport forum as well.

Thanks
Vlk

[sded]

Just a reminder of what you put in the proxies if you enter it.

[stevejrc]

so adding this to IE connection settings proxy server fixes it:
address 127.0.0.1   port 12080

do I leave bypass proxy server for local addesses unticked?
in advanced button should secure, ftp, gopher protocols be left blank?

I assume avast4.ini doesnt need to be edited for this?

[sded]

That's right.  You want to leave https, ftp, gopher blank because Webshield can't scan them and you want Sygate to check for programs using those protocols as well as http not going through the proxy.
You can see in Sygate Traffic log before and after to verify setup.

[dja2k]

This is my first time using Avast and well I have a sygate firewall.  Okay what does this setting proxy 127.0.0.1 do?  To whom or what is that proxy related to?  Anyways I already set it under IE > Tools > Internet Connection > Lan Settings and also the port 12080 leaving the check box under it blank.  Where do you set the other HTTPS, HTP etc setting you are talking about above?  Anything else I am mssing?  How do I check if this is working right?

dja2k

[sded]

The 127.0.0.1 is just your localhost, saying to do it within your computer.  Under LAN/Proxy Server/Advanced you enter these for http.  Leave the others blank, since you don't want them to go through Avast!  To check to see if it is working, look under the Traffic Log in Sygate.  With the Proxy box unchecked, the log should show IE accessing the web.  With it checked, it should show ashWebSv.exe accessing the web.

[dja2k]

Okay I am all set here, thanks for the help.  It does show avast accessing the web with the checkmark and ie without it.

dja2k

[dja2k]

I got a friend to try Avast and if I am correct, he doesn't have to do any of the above stuff for Outpost firewall.  This proxy stuff is only for the issue with Sygate right?  Or are there issuse with other firewalls including Outpost?

dja2k

[Vlk]

No, it's basically (imperfect but still OK) work around for a Sygate bug (that has been known for years but Sygate keeps ignoring it ).

[dja2k]

So your saying ?  Does he need it also even if he doesn't use Sygate?

dja2k

[Vlk]

Since it's a work around to a Sygate bug, the answer is NO, it is not needed if you're not using Sygate.

[stevejrc]

Mine still lets everything through... I tested it with realplayer update, thats set to "ask" permission and the log shows "allow" remote port 80 webshield...

I rebooted before trying aswell  (IE proxy settings correct, avast redirect blank)

I re-logged into adsl and it worked, so I guess its just sygate, its done this before where it doesnt bother to ask
for permission or asks after I've actually accessed. Might try outpost or something now...

[JohnC]

Hi,
I'm getting the same problem.
Sygate thinks eg Realplayer is Avast's scanner and lets it access the internet without checking with me.
I'm using W98.
I've set Firefox and IE to proxy 127.0.0.1  port  12080 for http only.
Is there a way to get other programs to access the web directly, as before, so Sygate will recognise them?

John

[sded]

From the log it looks like Real Player is using  IE services as its way of connecting to the Internet.  Which of course shows up as Webshield in the log.  When I turn off Webshield, with the proxy in IE, Real Player can't connect anymore.  Don't know how to get around programs that use IE as a tool to connect to the internet-they look just like IE to the Sygate firewall because of the proxy problem.