Hello. That's it!!, don't know where to look. By default SuSEfirewall its letting every traffic from inside to outside, but i need to block: kazza, imesh and similars, because my clients are sucking all the bandwith downloading mp3, videos, etc. eth0 -> internal lan 192.168.2.2 eth1 -> external lan 192.168.1.2 in /etc/sysconfig/SuSEfirewall, only changed these, everything else is as default. FW_DEV_EXT="eth1" FW_DEV_INT="eth0" FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_NETS="192.168.2.0/24" FW_SERVICES_INT_TCP="ssh" FW_CUSTOMRULES="/etc/sysconfig/scripts/SuSEfirewall2-custom" in /etc/sysconfig/scripts/SuSEfirewall2-custom, modified/added these, everything else is as default. fw_custom_after_antispoofing() { for target in LOG DROP; do for chain in input_ext input_dmz input_int forward_int forward_ext forward_dmz; do iptables -A $chain -j $target -p tcp --dport 31337 iptables -A $chain -j $target -p udp --dport 31337 iptables -A $chain -j $target -p tcp --dport 12345:12346 iptables -A $chain -j $target -p udp --dport 12345:12346 iptables -A $chain -j $target -p tcp --sport 2932 # incp iptables -A $chain -j $target -p udp --sport 2932 # incp iptables -A $chain -j $target -p tcp --sport 1081:1082 # pvuniwien:amt-esd-prot iptables -A $chain -j $target -p udp --sport 1081:1082 #pvuniwien:amt-esd-prot done done true } tcpdump showed me that kazaa used 2932, 1081 and 1082 ports to establish connection with kazaa internet servers. Please give me an advice, a direction where to look or even better the solution. Best regards. Oxiel