To get rid of those "0/0" null-restriction from outer space, I'm afraid, there's no way than that suggestion of Mark Ruth, though.
You have a nerve [0/0]. Is pretty insecure. Guess would be easy to sniff the vnc password and every guy with some ambitions will move the mouse only you should move remotly.
Would suggest following simple way to make it more secure, also if you have a static ip you can bind.
Find the position of the rules in /sbin/SuSEfirewall2 and modify this rules in order to check the MAC-Adresse of your remote machine.
If you've further question how to, mail me.
OOOOHHH - think MAC check wont work outside the ethernet - my failure. Made, cause somewhere on customs net there was a DNS outside,but before router that was connect via ethernet and checkable that way - and so my little brain forgot that not all the same - shame. Michael Appeldorn