Can Comodo block some LAN connections?

Can Comodo firewall block all communications between the machine it is installed on, and only some of the other computers on a home LAN?

Or can it only block communications between the PC and the WAN, i.e. the internet?

I want my laptop and desktop and NAS to see each other, and access the internet – but not see or be seen by any other machines on the same LAN, which also have internet access.

I have an unusual networking situation:

I disabled wireless in my modem-router, so only the 4 ethernet ports work.
I have a desktop (Win 7) a laptop (Win 8.1) and a NAS connected to it. They are networked by a password protected homegroup. Also, they have the same workgroup name as each other, so file and priter sharing is possible. That all works OK.

The problem:
I share my internet service with a friend in the next apartment, by one ethernet cable attached to port 4 on my modem-router.
Now her friends are staying there while she is away for a few months. They are not easy to negotiate with and I can’t ask them to make any changes to their computers.

It seems they have added a router at their end of the only ethernet cable from my place to theirs, because I often see two or more strange PCs listed in Windows Explorer networks folder. It even lists the 3 usernames on their PCs as media sharing devices.

I shouldn’t simply disconnect their ethernet cable from my modem-router, or they won’t have internet access, but I don’t like how their devices show up in my Windows Explorer. Also I guess my three devices are shown on their computers (but probably none of my folders are actually readable by them, I hope!)

I have tried making rules in Windows Firewall (blocking all connections except between my own machines, defined by IP) but that doesn’t stop the other machines appearing here, so I hope Comodo will be able to do it.

Do they hack your folders, monitoring your pc ?
whooo - give them a wireless connection - easy !


just kidding


You could try setting your systems and NAS to use static IPs outside the router’s DHCP addressing range.

Then create a Network zone with those same IP ranges (including the router/modem, so you can still access the internet).
Then create two global rules, one for Outgoing and one for Incoming in the aforementioned Network zone.
Then have a Block All rule at the bottom.