lns firewall is so good that i love deeply。this is the first time i want to ask for advice about LNS firewall,hope someone people can help me,thanks. i read office's SPF-Rules-1.01.rie rule.i got know something about SPF. this rule have some rule as below: udp: spf ntp Req udp: spf ntp Rsp ... ... all of four rule. each UDP rule is send a reqeust datagram outgoing and accept the incoming datagram which match the SPF rule. what that is mean you must be send datagram to remote machine? and here ,i have a trouble with eMule protocol. i know eMule use TCP port and UDPport to listening. in case of ,i customize TCP and UDP port both is 12345. this port 12345 is listening to remote machine to connect my own's,is it?? so, i write two eMule rule: 1: eMule connect Ed2K (TCP) 2: eMule listening Port 12345 to KAD(TCP and UDP) sorry i can't upload pic. for more safe ,i modify the second rule with SPF,and now the trouble is coming.the eMule listening UDP port 1234 was to connected by other people,this is mean other people first send datagram to me ,is it?? or i first send datagram to other people?? i according to LNS SPF-Rules-1.01.rie modify eMule UDP listening 12345 as beow: eMule listening Port 12345 to KAD(UDP) SPF Req eMule listening Port 12345 to KAD(UDP) SPF Rsp (sorry ,i can't upload the pic) Initialization,i set SPF option IPV4 timeout=6000. i checked many times and think of that no problem. but in the log windows here many many UDP datagram with port 12345 by stop. when i set timeout=60000 ,here is no log to appear. but 60000 = one minute . one udp datagram must wait for one minute to get respond, is it too long ?? when i set timeout=6000, the eMule's KAD can connect and run ok,and i get HighID,but the log windows such many rule by stop that i can't belive in . when i set timeout>20000, here little ruel by stop,when i set timeout=60000,here seldom rule by stop. i have been puzzled by LNS SPF with eMule,why a udp respond datagrams have so long. i hope someone can give some advice ,i already don't how to works. the important is two : 1:who first send datagram when i listening UDP port? 2:how to set eMule UDP SPF rule accuratly and no log appear in log windows?