Sounds like your missing an iptables rule, I don't know if this will help but here is the script I used when I was on dialup (which used ppp0) so I could get only from my other boxes all at the same time (not sure if my isp liked that ;-))
Code:
#!/bin/sh
ipt=/usr/sbin/iptables
ipf="/proc/sys/net/ipv4/ip_forward"
ipd="/proc/sys/net/ipv4/ip_dynaddr"
$ipt -F
$ipt -P INPUT DROP
$ipt -P FORWARD ACCEPT
$ipt -P OUTPUT ACCEPT
$ipt -A INPUT -p ALL -i lo -j ACCEPT
$ipt -A INPUT -p ALL -i eth0 -j ACCEPT
$ipt -A INPUT -p tcp -i ppp0 --dport 80 -j ACCEPT
$ipt -A INPUT -p tcp -i ppp0 --sport 80 -j ACCEPT
$ipt -A INPUT -p udp -i ppp0 --sport 53 -j ACCEPT
$ipt -A INPUT -p tcp -i ppp0 --sport 22 -j ACCEPT
$ipt -A OUTPUT -o ppp0 -p icmp --icmp-type echo-request -j ACCEPT
$ipt -A INPUT -i ppp0 -p icmp --icmp-type echo-reply -j ACCEPT
$ipt -A OUTPUT -o ppp0 -p icmp --icmp-type echo-reply -j DROP
$ipt -A INPUT -i ppp0 -p icmp --icmp-type echo-request -j DROP
$ipt -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
$ipt -A FORWARD -i ppp0 -m state --state NEW,INVALID -j DROP
echo 1 > $ipf; echo 1 > $ipd;
That was on a slackware 9.0 box, and it was in /etc/rc.d/rc.firewall.. I'm sure it's different for SuSE (well duh!) anyway, hope this helps!