dead network connection

I absolutely love this firewall… But, I’ve recently been having issues with my network connection being lost [yellow exclamation mark] until I choose to ALLOW ALL.

Connection immediately returns then I change back to CUSTOM and all is well for 2-4 days when the problem returns again.

Any thoughts?


XP Media Center
cable modem via Netgear router
Intel 3ghz
1g ram

Check your Application Monitor for a Block entry on svchost.exe. That’s first.

Since Allow All works, we know there is an issue with a created rule in the Firewall. If svchost.exe is not blocked in AppMon, we’re off to Network Monitor land.

Have you made any changes to Network Monitor rules recently (to coincide time-wise with this issue)?

Have there been any changes to the configuration of your internet connection (ISP, new router, new modem, anything…)?


I’m having a similiar problem. I can be online anywhere from 20 minutes to 2 hours and then have my WiFi connection drop. I switch to allow all and the connection repairs. I then switch to Custom and it works for 20 minutes to 2 hours; then repeat.

I checked Application Monitor and there are no entries for SVCHOST it has not asked for permission to my knowledge - yes this is a new installation. About 3-5 days.

Under Network Monitor, everything is set to allow except “Block and Log IP In or Out from IP [Any] to IP [Any] Where IPPROTO is ANY”. I did not create this.

Thanks for any help that can be provided.

Welcome to the forums, ebedsworth ~

If switching to Allow All lets it work, then it’s a rules issue; the majority of the time it’s probably Network Monitor.

If you’re on WiFi, you’ll probably need to set up a trusted network for that, to be able to access the DHCP server on the wifi router (presuming you have a router…).

First, let’s go to Security/Tasks/Scan for Known Applications. Follow all prompts.

See the tutorials in this thread on Network Monitor rules (by m0ng0d) and securing your wifi (by pandlouk):,6167.0.html

If you’re still having problems after that, we’ll dig into the logs.


I’m currently on travel and using a hotel’s WiFi network. So, I’m not sure how to set up a trusted network for a hotel. I did have the same problem at home and will set up a trusted network there. I did run Security / Tasks / Scan for Know Applications and followed prompts last night and the problem has been much less frequent today. I’ve only had 1 outage in 8 hours use. I’ll check out the tutorial when I return home Friday.


You really don’t want to set up a trusted network for a hotel, given that you don’t know who might be using it. It’s probably not very secure from a technical standpoint, either (as far as encryption, etc).

If they can provide information about DHCP & DNS Server IP addresses, or other info pertaining to their network connectivity, you can use those to create some temporary custom rules at the top of Network Monitor to allow you to gain internet access.

There’s a good possibility that their network IP range will match that of your home (192.x.x.x); if this is the case, your home LAN rules you will probably want to change from Allow to Block, and create the temporary Hotel rules above those, so that they’re processed first.

FWIW, v3, when it goes final, will have the ability to manage multiple profiles. This means that you can create multiple rulesets and switch them out as needed.