Ethernet through 2 computers

Hello, I've got a functional setup here, but could use advice from someone who understands networking.

Trying to figure out how to forward the correct ports with COMODO for this setup:

  1. Ethernet →
  2. Windows 7[Machine 1](NIC 1)(Shared connection) →
  3. Windows 7[Machine 1](NIC 2)(internal IP for NIC 3) →
  4. Windows XP[Machine 2](NIC 3)

(Internet sharing enabled at Windows 7 on ‘Local Area Network’ NIC 1 providing 192.168.137.1 gateway address & 192.168.137.xxx as client IP through DHCP.)

Now I figured I need (This setup works clean up, running):
‘svchost.exe’:

  • machine 1[Firewall]: UDP IN: Client IP, Gateway IP, Any, 53
  • machine 1[Firewall]: UDP OUT: Client IP, Gateway IP, 67, 68 (where I have range 67-68 to 67-68 as I understand these are DHCP needed).
  • machine 1[Firewall]: UDP OUT: Any, DNS Address 01, Any, 53 (Ethernet DHCP identify address)
  • machine 1[Firewall]: UDP OUT: Any, DNS Address 01, Any, 53 (Ethernet DHCP identify address)
  • machine 1[Firewall]: Allow Access to Loopback Zone
  • machine 1[Firewall]: Block all the Rest

‘alg.exe’:

  • machine 1[Firewall]: Outgoing Only

‘System’:

  • machine 1[Firewall]: Block All

Machine 2 [Firewall/AV]:

  • As usual except the ‘My Network Zone’ at mask 192.168.137.1 / 255.255.255.0 address.

Running/Extra notes:

  • No 3rd party firewalls nor software.
  • Windows Firewall is down.
  • Comodo Internet security v4.0.135239.742

Now, could someone tell me if there is anything I don’t need on this setup or might wanna take a look at?

Read the following on how to open a port with CIS.

To open the port TCP 1723 for example

First step is to determine the MAC or Physical address of your network connector. Go to Start → Run → cmd → enter → a black box will show up and enter the following → ipconfig /all (notice the space before /all) → enter → now look up the Physical address and write it down.

Notice that Physical address = MAC address

Firewall → Advanced → Network Security policy → Global Rules → Add → fill in the following:
Action: Allow
Protocol: TCP
Direction: In
Description: Incoming Port

Source address: Any
Destination Address: Choose MAC address and fill in the found MAC/Physical address
Source Port: Any
Destination Port: 1723

Then push Apply → Now make sure that the new rule is somewhere above the basic block rule(s) at the bottom (the block rules have red icons); you can drag and drop the rules → Ok.
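
Added example, not part of the original posts and not Comodo's code: a small Python model of why the allow rule has to sit above the block rule, assuming Global Rules are checked top to bottom with the first match deciding. The MAC address, the catch-all block rule and the sample packet are constructed placeholders.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

NIC_MAC = "00-00-5E-00-53-01"  # constructed placeholder, not a real adapter

@dataclass(frozen=True)
class Rule:
    action: str                                  # "allow" or "block"
    description: str
    protocol: Optional[str] = None               # None models "Any"
    direction: Optional[str] = None
    dst_mac: Optional[str] = None
    dst_ports: Optional[Tuple[int, int]] = None  # inclusive port range

    def matches(self, pkt: dict) -> bool:
        lo, hi = self.dst_ports or (0, 65535)
        return (self.protocol in (None, pkt["protocol"])
                and self.direction in (None, pkt["direction"])
                and self.dst_mac in (None, pkt["dst_mac"])
                and lo <= pkt["dst_port"] <= hi)

def evaluate(rules, pkt):
    """Walk the list top to bottom; the first matching rule decides."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action, rule.description
    return "block", "no rule matched"  # default chosen for this model only

def covers(upper: Rule, lower: Rule) -> bool:
    """True if every packet that matches `lower` already matches `upper`."""
    for field in ("protocol", "direction", "dst_mac"):
        if getattr(upper, field) not in (None, getattr(lower, field)):
            return False
    u_lo, u_hi = upper.dst_ports or (0, 65535)
    l_lo, l_hi = lower.dst_ports or (0, 65535)
    return u_lo <= l_lo and l_hi <= u_hi

def shadowed(rules):
    """Rules that can never fire because an opposite rule above covers them."""
    return [r.description for i, r in enumerate(rules)
            if any(covers(up, r) and up.action != r.action for up in rules[:i])]

# Rule from the post, plus an assumed catch-all block for inbound traffic.
ALLOW_1723 = Rule("allow", "Incoming Port", "TCP", "In", NIC_MAC, (1723, 1723))
BLOCK_IN = Rule("block", "Block all incoming", direction="In")
PKT = {"protocol": "TCP", "direction": "In", "dst_mac": NIC_MAC, "dst_port": 1723}

if __name__ == "__main__":
    for order in ([ALLOW_1723, BLOCK_IN], [BLOCK_IN, ALLOW_1723]):
        print([r.description for r in order], evaluate(order, PKT), shadowed(order))
```

The `shadowed` check is the useful part when auditing a longer list: any rule it reports sits below an opposite rule that already catches all of its traffic.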

Needed:
DHCP = functional at ports 67-68
(if no static used on ‘Machine 2’ end these would be needed.)
DNS = functional at ports 53

You mean I should allow all traffic from specified MAC clean through and deal with the security on client machine?

And what the hell does this all have to do with Port 1723?
According to my source, port 1723 is used for VPN, as in Virtual Private Network.