I think I'm going to like this firewall, but it's tough sledding up front. I collected few useful ruleset from the LnS site, as well as PhantOm's rules. The LnS rules are: enhanced, wireless, filesharing and tracert. I also got PluginEditRawRule.dll - I won't edit Raw rules, but this allowed me to look (sure is complicated, expert, stuff!). My questions, related to my first attempt which I didn't like: (1) Starting from scratch, what is the best sequence importing those rules in? I don't want to mess up too much by doing things in wrong order only to have to rearrange and mess up later. (2) Before installing Phantom's rules, the LnS firesharing rules were in place and I added few ICMPs. PhantOm's rules also seem to have NetBIOS rules as well as ICMP. Once again, do what? Ditch mine? (3) can you put NOT "!" in front of a port or is it just for IP on the application? I want to log a block on one or two ports when browser is used. Something on yahoo that I don't like. (4) I made rules for Outlook client (just DNS by UDP to ISP's in and out mailservers on the Applications tab). Since Outlook gets and sends mail provided by ISP and gmail, I ended up with 4 packet rules, all out by TCP. Two for ISP (ports 25 and 110) and two for gmail (995 and 465) Should I have bundled it all into one packet rule? or into application? Why or why not?