I just installed a trial of Avira Security Suite on my desktop.
When I opened Firefox it did not open and "said" that the connection had been reset. Avira gave information that the command? to block packets caused to block ip 8.12.213.113.
I clicked on FF to try again and it opened. It happened again later when I opened another FF, but the packet was a different number.

I assume this is from the firewall and maybe I need to make a different setting if I can find where and how. Or should I do nothing at this time and see if it will sort out?

Regards,
Jerry

I've seen lots of blocked packet notices from Avira's firewall and would also like to know why it does this. I'm behind a router.

-{ Quote: "I've seen lots of blocked packet notices from Avira's firewall and would also like to know why it does this. I'm behind a router." }-

Hi mvdu,
I also am behind a router.
The block packets notice is the default setting. I am not sure if that is good or bad as no other AV has done it.
Each time I go to a site that notice appears. I know I can stop the notice, but I wish someone would explain what it is all about, and if I should do anything.

I figure I could configure the firewall, but if this is the default setting it must be a good thing.

I have posted this on the Avira forum. If/when I get an answer I will post it here.

Regards,
Jerry

-{ Quote: "Hi mvdu,
I also am behind a router.
The block packets notice is the default setting. I am not sure if that is good or bad as no other AV has done it.
Each time I go to a site that notice appears. I know I can stop the notice, but I wish someone would explain what it is all about, and if I should do anything.

I figure I could configure the firewall, but if this is the default setting it must be a good thing.

I have posted this on the Avira forum. If/when I get an answer I will post it here.

Regards,
Jerry" }-

Thanks for posting it there. The message I get says something like "Rule Deny All Other IP Packets" or something like that. It doesn't happen on every website, but periodically.

Further experience shows this is not unique to FF, but many sites when I go to them I get the message that because of the rule to block all ip packets ip 65.55.15.124 has been blocked, for example. One that has been blocked is Avira. Googling indicates that,

ip 8.12.213.113 belongs to Level 3 Communications
ip 65.55.15.124 belongs to Microsoft
ip 62.146.210.133 belongs to Avira

To block these does not make any sense to me. I don't have the expertise to trouble shoot. Why would such packets be blocked?
I installed Avira with default values, and it does not do that on my laptop.
Should I just click "do not show this again," or make some change in the Firewall settings or uninstall?

This must be harder than I thought since I have not received a reply from the Avira forum. Anyone have any insight? I hate to remove it after less than two days, but that is the direction I am headed.

I am wondering what such packets do, and if there is likelihood of infection from packets?

Regards,
Jerry

Here are some things I gleaned from the HELP of Avira. No help so far from Avira/

Here are the settings for the firewall.

Avira Firewall Security levels.
High
Computer not visible in network
Connections from outside are blocked
Flooding and portscan are prevented

Medium
Suspicious TCP and UDP packets are discarded
Flooding and portscan are prevented.

Low
Flooding and portscan are detected.

I am not sure if the firewall needs to be set to high, but that is the default setting. That is the reason for the blocking of the ip packets, but I still do not understand the impact of it.

Regards,
Jerry

I get blocked packets with firewall set on "medium," too. I really don't understand why the packets are blocked.

-{ Quote: "I get blocked packets with firewall set on "medium," too. I really don't understand why the packets are blocked." }-

Thanks, I thought that the command to block connections from outside was the culprit.
I am going to give the Avira forum, or anyone, another day and if I cannot figure it out I am going back to KL.

I don't have another IS suite or firewall, and wonder if they have essentially the same settings?

Thanks for the information.

Regards,
Jerry

You are correct. I am getting the same with a Medium security setting.
Best,
Jerry

-{ Quote: "Further experience shows this is not unique to FF, but many sites when I go to them I get the message that because of the rule to block all ip packets ip 65.55.15.124 has been blocked, for example. One that has been blocked is Avira. Googling indicates that,

ip 8.12.213.113 belongs to Level 3 Communications
ip 65.55.15.124 belongs to Microsoft
ip 62.146.210.133 belongs to Avira

To block these does not make any sense to me. I don't have the expertise to trouble shoot. Why would such packets be blocked?" }-

The term "blocked" can be confusing if all the firewall is doing is dropping packets it has determined are no longer part of a valid session. If you are seeing these alerts from IP's you were visiting it is likely just late packets that are being dropped by the firewall and nothing to worry about.

Regards,

weeNym

-{ Quote: "The term "blocked" can be confusing if all the firewall is doing is dropping packets it has determined are no longer part of a valid session. If you are seeing these alerts from IP's you were visiting it is likely just late packets that are being dropped by the firewall and nothing to worry about.

Regards,

weeNym" }-

Hi weeNym,

Thanks, and that makes sense to me. I suspect that may be the case as the sites load and things work fine. If I did not get the notification I would have no idea it was happening.

Regards,
Jerry

I just visited the Avira forum and was directed to
http://www.avira.com/en/support/av9_what_is_the_meaning_of_the_firewall_slideup_deny_all_ip_packets_.html

Evidently it is designed to take such action, and since I do not see any slowdown or have other problems I will just check the "don't show.."

I appreciate the help.

Regards,
Jerry

-{ Quote: "I just visited the Avira forum and was directed to
http://www.avira.com/en/support/av9_what_is_the_meaning_of_the_firewall_slideup_deny_all_ip_packets_.html

Evidently it is designed to take such action, and since I do not see any slowdown or have other problems I will just check the "don't show.."" }-

It is normal to see firewalls drop late packets from legitimate connections in addition to scans and other unsolicited traffic. You just do not need to see pop up alerts every time it does, that is what logs are for. Selecting the "don't show" and unchecking those notification items would be a good choice.

Regards,

weeNym

-{ Quote: "It is normal to see firewalls drop late packets from legitimate connections in addition to scans and other unsolicited traffic. You just do not need to see pop up alerts every time it does, that is what logs are for. Selecting the "don't show" and unchecking those notification items would be a good choice.

Regards,

weeNym" }-

Why does this firewall show these while others I've had, including Outpost, do not report them?

-{ Quote: "Why does this firewall show these while others I've had, including Outpost, do not report them?" }-
The other firewalls will be recording events like this in the logs and not bothering users with nuisance pop-up alerts everytime it drops a packet as the default setting appears to be in this firewall.

Regards,

weeNym

-{ Quote: "The other firewalls will be recording events like this in the logs and not bothering users with nuisance pop-up alerts everytime it drops a packet as the default setting appears to be in this firewall.

Regards,

weeNym" }-

Actually, I don't see the same events in other firewalls' logs.