How to configure firewall to use Windows Mobile Hotspot feature?

Comodo Internet Security - CIS Firewall Help - CIS
1

I have encountered this issue when attempting to use the built in “mobile hotspot” feature of windows in order to use my PC as a virtual router. I am able to connect my phone to the network just fine, and my phone and PC are able to communicate correctly (for example, I can connect to AnyDesk or Jellyfin on my PC from my phone while connected to the hotspot). However, I cannot access the internet from my phone while connected to my PC’s mobile hotspot, because Comodo is blocking the traffic.

I want to add a firewall rule to allow this traffic. The problem is, Comodo doesn’t seem to be able to tell that the traffic is coming from my phone. For example, if I try to load “reddit.com” on my phone, this is what shows up in the firewall log:
-Application: “Windows Operating System”
-Action: Blocked
-Direction: Out
-Protocol: TCP
-Source IP: 192.168.1.236 (this is my PC’s IP address for my home wifi connection)
-Source Port: 62288
-Destination IP: 151.101.1.140 (reddit.com)
-Destination Port: 443

So my questions are:
-Why is the source IP showing my computer’s IP instead of my phone’s IP? Is there any way for Comodo to tell the actual source of the request?
-Why does this show as “Windows Operating System” instead of showing the actual application?
-Is there any way to set a rule to allow through IP traffic from my phone, without allowing all traffic from “Windows Operating System”?

2

Because the source IP address of the outbound request IS your PC.
Your phone, using the PC’s hotspot function, is basically telling your PC “Can you go and get this info for me?”.

[i] Is there any way for Comodo to tell the actual source of the request?[/i]
No. Comodo monitors and filters data packets according to the network stacks on the PC that is running CIS. CIS neither knows nor cares about your phone.
[i]-Why does this show as "Windows Operating System" instead of showing the actual application?[/i]
Because the hotspot function is recognized by CIS as "Windows Operating System". It cannot know that the request originated from a browser running on your phone. It is only concerned with data packets that flow to and from your PC.
[i]-Is there any way to set a rule to allow through IP traffic from my phone, without allowing all traffic from "Windows Operating System"?[/i]
Sadly no, as explained above. CIS neither knows not cares about your phone. It is focussed on handling the data packets running around your PC. The fact that outbound requests originated on your phone is irrelevant. CIS is handling those packets after they have been transferred from the hotspot network stack to your PC's outbound network stack.

Hope this info helps,
Ewen :slight_smile: