A firewall is concerned with ports and protocols to prevent connections that might cause something undesireable to get into (or out of) your machine or even take over your machine. This really has nothing to do with the HIPS cases that are part of a leak test. Very simply, a HIPS looks for behavior by something inside your computer that could indicate it is malware. Generally there is a whitelist of trusted programs to cut down on the effort. When a HIPS sees a process try to do something indicated in the attachment (typical list), it generates a popup to ask you for permission to do it. If you have a good understanding of Windows processing (and are willing to wade through a lot of popups) it can be a very effective tool. Do you feel comfortable judging that a process that does one or more of these is malware or not? The problem is that most of the processes you will see trying to do these things are not malware, just programs that perform sophisticated enough processing to need to do them. So it is your decision whether the process doing these things is malware or not. This is the issue many have with the leak tests. The test cases used are such that to do well on a leak test you must do two things:
1) Generate enough popups that every test case will produce at least one-this is what doktornotor was referring too as the flood of popup warnings
2) Be aware that "block" is always the right answer, since everything there is malware-sort of like the monkey knowing which button gives him food
But in the real world, most of what you see that gives popups will not be malware, and it is up to you to decide which one you are seeing. This is not to say that the leak tests are worthless-they do often indicate things that malware could do that users should watch out for.
Avast! (and some other firewalls) instead take the approach that the system must protect the user. Avast! includes an advanced Behavior Blocker and heuristics in the AV portion (which is not even tested by the leak testers, but is a kind of limited automated HIPS) so that the user does not need to make all the decisions-the rules are updated several times a day as part of the database updates. Limited user rights and other techniques can also help. BTW, Comodo also alludes to adding a Behavior Blocker sometime next year to cut down on the popups and do whatever they can.
So with a HIPS in the hands of a sophisticated user (or the monkey, if this is a leak test) you get the popups necessary for you to decide whether the process is or is not doing things you expect it to, and can block it if necessary. And varying degrees of sometimes helpful information in the popups. The downside is that the popups are a PITA and in the real world the HIPS often trains you instead, since most all of the popups you see are NOT malware and you need to keep hitting allow to make your system function properly. But a Behavior Blocker is not perfect either; just eliminates some of the dumber things a user might do. So a trade and a lot of arguments that may go on forever.