LinuxQuestions.org


cmisip 11-16-2002 06:44 AM

Losing mind ... please help with IP masq
 
I thought I got it figured out but it doesn't work.
I have ifcfg-eth0:
DEVICE=eth0
BOOTPROTO=static
BROADCAST=192.168.1.255
IPADDR=192.168.1.1
NETMASK=255.255.255.0
NETWORK=192.168.1.0
ONBOOT=yes

I have /etc/dhcpd.conf:

ddns-update-style none; ddns-updates off;

authoritative;


default-lease-time 600;
max-lease-time 7200;

option domain-name "localdomain";


option routers 192.168.1.1;
option domain-name-servers 192.168.1.1;

subnet 192.168.1.0 netmask 255.255.255.0 {
range dynamic-bootp 192.168.1.11 192.168.1.20;
}

DHCPD loads fine and gives out IP addresses to my clients connected on eth0.

I have SuSEfirewall2 as:

FW_DEV_EXT="ppp0"
FW_DEV_INT="eth0"
FW_ROUTE="yes"
FW_MASQUERADE="yes"
FW_MASQ_NETS="192.168.1.0/24"
FW_SERVICE_DHCPD="yes"


SuSEfirewall2 loads fine also.
I have named running.
I have /etc/resolv.conf with the nameservers of my ISP.
I have smppd running on dial on demand with options:


defaultroute
noauth
demand
192.168.0.5:192.168.0.6
receive-all
bsdcomp 15
ipcp-accept-remote
ipcp-accept-local
holdoff 12
idle 3600

I have IP forwarding enabled.

When I connect to the internet from the Linux box it connects fine and I can browse. However, my DHCP client machines on the internal LAN have no access to the internet.

And I keep getting this error:

SuSE-FW-UNAUTHORIZED-TARGET IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:30:<allsorts of numbers here> SRC=192.168.1.19 DST=192.168.1.255 LEN=229 TOS=0x00 PREC=0x00 etc etc etc

** 192.168.1.19 is one of my machines on the internal LAN
Please help, I am losing my mind.
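
An added example, not part of the original post: it parses log lines in the key=value layout shown above and separates packets addressed to the firewall host itself (empty OUT=) from routed packets, which are the only ones masquerading applies to. The LAN range is taken from the post; the sample lines, MAC address, ports and the second log prefix are constructed for illustration.

```python
import ipaddress
import re

# LAN definition taken from the ifcfg-eth0 values in the post.
LAN = ipaddress.ip_network("192.168.1.0/24")

# Constructed sample lines (MAC, ports and the second prefix are made up).
SAMPLE_LOG = [
    "SuSE-FW-UNAUTHORIZED-TARGET IN=eth0 OUT= "
    "MAC=ff:ff:ff:ff:ff:ff:02:00:00:00:00:13:08:00 SRC=192.168.1.19 "
    "DST=192.168.1.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 PROTO=UDP SPT=138 DPT=138",
    "CONSTRUCTED-FORWARD-PREFIX IN=eth0 OUT=ppp0 SRC=192.168.1.19 "
    "DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=127 PROTO=TCP SPT=1025 DPT=80",
]

def parse(line):
    """Split a LOG line into its prefix and a dict of KEY=value fields."""
    fields = dict(re.findall(r"\b([A-Z]+)=(\S*)", line))
    prefix = line.split(" IN=", 1)[0]
    return prefix, fields

def classify(line, lan=LAN):
    """Return (path, destination kind) for one log line."""
    _, f = parse(line)
    # Netfilter leaves OUT= empty for packets addressed to the firewall host
    # (INPUT); routed packets carry both IN= and OUT= (FORWARD).
    if f.get("IN") and f.get("OUT"):
        path = "forward"
    elif f.get("IN"):
        path = "input"
    else:
        path = "output"
    dst = ipaddress.ip_address(f["DST"])
    # The MAC field starts with the destination hardware address.
    if dst == lan.broadcast_address or f.get("MAC", "").startswith("ff:ff:ff:ff:ff:ff"):
        kind = "broadcast"
    elif dst in lan:
        kind = "lan-unicast"
    else:
        kind = "external"
    return path, kind

def bears_on_masquerading(line, lan=LAN):
    """True only for LAN-sourced packets being routed to an outside address."""
    _, f = parse(line)
    path, kind = classify(line, lan)
    return path == "forward" and kind == "external" and ipaddress.ip_address(f["SRC"]) in lan

if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        print(parse(entry)[0], classify(entry), bears_on_masquerading(entry))
```
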

peter_robb 11-16-2002 11:35 AM

Have a look at this thread and the links...

Best to check each step first then figure out which piece is missing...

mychl 02-12-2003 09:30 PM

Take a look at this

I wrote it for RH, but perhaps you can adapt it to SuSE; iptables, after all, is iptables.....

Your problem is with your firewall only, I really really doubt that your DHCP server has anything to do with it.... that part looks fine.

Focus on your firewall, that's where your problems lie.....

I hope this helps you out.


All times are GMT -5.