NOD32 3 includes a web filter component which redirects all HTTP connections through the NOD32 service. All HTTP connections appear to come from the NOD32 service to CFP so once you allow the NOD32 service to access the Internet any program that attempts HTTP connections will have access without CFP raising an alert. On high alert level you do get an alert when different ports are used.
Basically the web filter hides other programs HTTP connection attemps from CFP.
I sure this behavior affects any firewall program.
NOD32 is a well respected virus program but I did not like this behavior at all it has now been removed from my system.