I have just one computer connected to internet throug eth0 and sometimes modem. I want some services like ssh and http to be accesible. I want all other ports closed. I tryed with following FW configuration, but when I activate FW I can do nothing... even I can not ping from/to my host. See: petit:~ # ping milu PING milu.montblanc.all (192.168.0.100): 56 data bytes --- milu.montblanc.all ping statistics --- 4 packets transmitted, 0 packets received, 100% packet loss petit:~ # SuSEfirewall stop Removing filter rules and disabling IP forwarding ... SuSEfirewall: clearing rules now ... done petit:~ # ping milu PING milu.montblanc.all (192.168.0.100): 56 data bytes 64 bytes from 192.168.0.100: icmp_seq=0 ttl=255 time=0.604 ms 64 bytes from 192.168.0.100: icmp_seq=1 ttl=255 time=0.783 ms My simple configuration is following: in /etc/rc.config START_FW="yes" in /etc/rc.config.d/firewall.rc.config FW_DEV_WORLD="eth0" # also tried to use modem here... FW_DEV_WORLD_eth0="10.0.0.1 255.255.255.0" # actually eth0 IP is configured by PCMCIA scheme... FW_SERVICES_EXTERNAL_TCP="ssh sftp http https" #all other options are set to default values. I must be missing something important... help me guys.