New user but getting lots of blocked inbound connections when browsing

Just installed CPF today for the first time on recommendation from a friend (am currently rebuilding PC from scratch after a HD failure earlier this week). The main issues I seem to have are that Windows Update doesn’t seem to work if I have the firewall on (the Windows page loads, then there is some sort of ActiveX controller/applet in the middle of the page that, with CPF switched off, eventually gives me a choice of Custom or Express; instead I get a message about error 0x80072EE7, which is something to do with the /etc/hosts file, which is empty bar a localhost entry); secondly, using Google toolbar on Firefox/IE7 always produces a dead link page; thirdly, pretty much every website seems to be producing alerts in the activity log, the ports gradually increase in number (Windows Update and Google toolbar especially, other websites produce a couple then they load). I’m guessing it’s a network rule problem but can’t figure it out.

Setup: PC(192.168.1.11) with Linksys USB wireless adaptor linking to Linksys Wireless router 192.168.1.100 in turn connected to another router 192.168.1.1

CPF rules:
0 Allow IP Out Any Zone:Linksys wireless 192.168.1.10 -192.168.1.100 IPPROTO is ANY
1 Allow IP In Zone:Linksys wireless 192.168.1.10-192.168.1.100 IPPROTO is ANY
2 Allow TCP/UDP OUT Any Any Source Port Any Dest Port Any
3 Allow ICMP Out Any Any ICMP Message is Echo Request
4 Allow ICMP In Any Any ICMP Message is Fragmentation Needed
5 Allow ICMP In Any Any ICMP message is Time Exceeded
6 Allow IP Out Any Any IPPROTO is GRE
7 Block & Alert IP In/Out Any Any IPPROTO is Any

All the alerts I get are UDP incoming ones, all originating at the DNS server of my ISP (BT)

i.e.
Description Inbound Policy Violation Access Denied IP = 194.74.65.69 Port = 3396
Protocol UDP Incoming
Source 194.74.65.69:dns(53)
Destination 192.168.1.11:3396
Reason Network control rule 7

With Windows Update, for example, the above will repeat every few seconds for a minute with the port changing slightly: 2444, 2449, 2474, 2526, 2543

It’s always rule 7 that is the reason and the connection is always a UDP incoming. Switching to Allow all lets everything work so I’m pretty certain it’s firewall related (or somewhere along the way the reinstall of XP/SP2 has stuffed up)

Adding some further info which is all a bit bizarre: I can access google.com but not google.co.uk, i.e. if I enter www.google.co.uk into the IE7 address bar, I eventually get google.com returning hits for www.google.co.uk as, due to Google toolbar, google.com is the default search engine. Likewise using ebay.co.uk none of the pictures load and the text seems to be hit and miss. Both of these sites cause me trouble on another laptop I use for work which has BlackICE firewall installed; disabling that allows all the connections to be made. It seems CPF must have something similar to BlackICE restricting certain access.

Welcome to the forum.
Have you scanned for known applications? (security/tasks)
Some programs, like if you have a webserver, or programs like Google desktop search, do work if you check "skip loopback … TCP" in security/advanced/misc

Did you have 2 routers?

For windows update you can try to set up a rule in application monitor for C:\WINDOWS\system32\wupdmgr.exe
Do it in security/tasks “Define a new trusted application”

It is 2 routers but they are connected, one is the ADSL modem, the other just the wireless cable router distributing signal. Connection to both is fine whether CPF traffic is set to custom or Allow All.

wupdmgr.exe was already a trusted application, it launches absolutely fine, it’s the incoming UDP packets that the Windows website returns that are the issue according to the log.

It literally is CPF: with it turned off, I can access everything; with it switched on it stops traffic to ebay.co.uk, google.co.uk, even preventing a ping from working. A lot of web suggestions are that it is due to MTU settings but I can’t see how the firewall would affect that as it’s only possible to change at the PC or router level, so firewall or not it shouldn’t be affecting me as I can access everything with firewall disabled.

Thanks for suggestions though
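
Added example, not part of any post in this thread and not CPF code: a stateless first-match trace of the eight rules as posted, run over constructed packets that use the addresses quoted above. It assumes rules are checked in ID order, that rule 1 matches on a source inside the zone, and it models no connection state; ports are left out because every port field in the posted rules is Any.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Packet:
    proto: str       # "TCP", "UDP", "ICMP" or "GRE"
    direction: str   # "in" or "out"
    src: str
    dst: str
    icmp: str = ""   # ICMP message name, empty for other protocols

ZONE = ("192.168.1.10", "192.168.1.100")  # "Linksys wireless" range in rules 0 and 1

def in_zone(ip):
    lo, hi = (ipaddress.ip_address(a) for a in ZONE)
    return lo <= ipaddress.ip_address(ip) <= hi

def icmp_in(name):
    return lambda p: p.direction == "in" and p.proto == "ICMP" and p.icmp == name

# Rules 0-7 in posted order. Reading rule 1 as "source in zone" is an assumption.
RULES = [
    ("allow", lambda p: p.direction == "out" and in_zone(p.dst)),
    ("allow", lambda p: p.direction == "in" and in_zone(p.src)),
    ("allow", lambda p: p.direction == "out" and p.proto in ("TCP", "UDP")),
    ("allow", lambda p: p.direction == "out" and p.proto == "ICMP" and p.icmp == "echo-request"),
    ("allow", icmp_in("fragmentation-needed")),
    ("allow", icmp_in("time-exceeded")),
    ("allow", lambda p: p.direction == "out" and p.proto == "GRE"),
    ("block", lambda p: True),
]

def first_match(pkt):
    """Return (rule_id, action) of the first rule whose predicate matches."""
    for rule_id, (action, matches) in enumerate(RULES):
        if matches(pkt):
            return rule_id, action
    raise AssertionError("unreachable: rule 7 matches everything")

# Constructed sample packets using the addresses quoted in the thread.
SAMPLES = {
    "DNS query out": Packet("UDP", "out", "192.168.1.11", "194.74.65.69"),
    "DNS reply in": Packet("UDP", "in", "194.74.65.69", "192.168.1.11"),
    "echo request out": Packet("ICMP", "out", "192.168.1.11", "194.74.65.69", "echo-request"),
    "echo reply in": Packet("ICMP", "in", "194.74.65.69", "192.168.1.11", "echo-reply"),
    "UDP in from 192.168.1.1": Packet("UDP", "in", "192.168.1.1", "192.168.1.11"),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:24} -> rule {first_match(pkt)[0]} ({first_match(pkt)[1]})")
```

In this model the query and the echo request leave through rules 2 and 3, while their replies match nothing before rule 7; 192.168.1.1 also falls outside the 192.168.1.10-192.168.1.100 zone used by rules 0 and 1.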