IPFW

Pons pons at gmx.li
Sun Jan 25 06:59:49 PST 2004


I have configured a FreeBSD 5.1-RELEASE box with 2 NICs (ext. IP/int. IP)
with ipfw/natd/squid. The setup is working, but still _FLAT_,
which means I am using the default IPFW configuration,
firewall_type="open"
I want to give more security to my internal network by
stopping/limiting unnecessary traffic in/out,
so I need help to implement the following set of ipfw rules:
1- permit only clients with 10.5.0.0/16 to send/recv via the box
2- Block MSN Messenger / Yahoo Messenger / ICQ / Kazaa
3- Block in/out ICMP ping / traceroute
4- Permit DNS / HTTP(S) / FTP / SMTP / Telnet / SSH / POP3
5- What should I include in /etc/sysctl.conf against DoS attacks, spoofing,
etc.?
6- What about the kernel_level; in which mode should I run the kernel?
7- Which other services should I disable?
8- Allow me (my IP) to manage the box by accessing it via SSH only
Any input would be really appreciated.
Thanks
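The rule set the post asks for, written as an added example in the style of /etc/rc.firewall; it is not part of the original message and not FreeBSD's own rc.firewall. The interface names fxp0/fxp1, the admin address 192.0.2.10 and the messenger/P2P port numbers are assumptions; only 10.5.0.0/16 comes from the post. The script prints the ipfw commands instead of running them unless IPFW_APPLY=1 is set, so it can be reviewed on any machine first:

```shell
#!/bin/sh
# Added example (not the poster's configuration): ipfw ruleset for the
# two-NIC ipfw+natd gateway described in the post. Interface names, the
# admin address and the messenger/P2P ports are assumptions.
# Dry run by default (prints the ipfw commands); IPFW_APPLY=1 runs them.

oif="fxp0"            # external NIC (assumed name)
iif="fxp1"            # internal NIC (assumed name)
inet="10.5.0.0/16"    # internal network, from the post
admin="192.0.2.10"    # admin workstation allowed to ssh in (assumed, TEST-NET)

if [ "${IPFW_APPLY:-0}" = "1" ]; then
    fwcmd="/sbin/ipfw -q"
else
    fwcmd="echo /sbin/ipfw -q"
fi

emit_rules() {
    ${fwcmd} -f flush

    # loopback
    ${fwcmd} add 100 allow ip from any to any via lo0
    ${fwcmd} add 110 deny ip from any to 127.0.0.0/8
    ${fwcmd} add 120 deny ip from 127.0.0.0/8 to any

    # (1) anti-spoofing: nobody outside may claim an internal address,
    #     and only 10.5.0.0/16 may enter through the inside NIC
    ${fwcmd} add 200 deny ip from ${inet} to any in via ${oif}
    ${fwcmd} add 210 allow ip from ${inet} to any in via ${iif}
    ${fwcmd} add 220 deny log ip from any to any in via ${iif}
    # anything heading back into the LAN already passed the inbound checks
    ${fwcmd} add 230 allow ip from any to ${inet} out via ${iif}

    # inbound on the external NIC: undo NAT first so check-state compares
    # internal addresses, the same ones the dynamic rules were created with
    ${fwcmd} add 300 divert natd ip from any to any in via ${oif}
    ${fwcmd} add 310 check-state

    # (2) messenger / P2P default ports (MSN 1863, Yahoo 5050, ICQ/AIM 5190,
    #     Kazaa 1214). These clients fall back to 80/443; see the note.
    for p in 1863 5050 5190 1214; do
        ${fwcmd} add 400 deny tcp from ${inet} to any ${p}
        ${fwcmd} add 400 deny udp from ${inet} to any ${p}
    done

    # (3) ping (echo request/reply) and UNIX traceroute UDP probes, both
    #     directions; ICMP unreachable stays open or path MTU discovery breaks
    ${fwcmd} add 500 deny icmp from any to any icmptypes 8
    ${fwcmd} add 500 deny icmp from any to any icmptypes 0
    ${fwcmd} add 510 deny udp from any to any 33434-33534
    ${fwcmd} add 520 allow icmp from any to any icmptypes 3

    # (4) client services, stateful. "skipto 800" records the dynamic rule
    #     with the internal address and only then hands the packet to natd;
    #     later packets of the session reach 800 through check-state.
    ${fwcmd} add 600 skipto 800 tcp from ${inet} to any 21,22,23,25,53,80,110,443 out via ${oif} setup keep-state
    ${fwcmd} add 610 skipto 800 udp from ${inet} to any 53 out via ${oif} keep-state
    # the gateway itself (squid fetches, resolver, mail); no NAT needed
    ${fwcmd} add 620 allow tcp from me to any 21,25,53,80,443 out via ${oif} setup keep-state
    ${fwcmd} add 630 allow udp from me to any 53 out via ${oif} keep-state
    # active-mode FTP data channel coming back in after natd rewrote PORT;
    # skipto (not allow) so the client's replies are still translated
    ${fwcmd} add 640 skipto 800 tcp from any 20 to ${inet} in via ${oif} setup keep-state

    # (8) ssh management from one address only; everything else aimed at
    #     the box's external side falls through to the deny below
    ${fwcmd} add 700 allow tcp from ${admin} to me 22 in via ${oif} setup keep-state

    ${fwcmd} add 790 deny log ip from any to any

    # reached only via skipto: translate, then pass
    ${fwcmd} add 800 divert natd ip from any to any out via ${oif}
    ${fwcmd} add 810 allow ip from any to any
}

emit_rules
```

Two caveats a practitioner would want: blocking the messenger and Kazaa ports only stops the default configuration, since those clients retry over 80/443 (and through squid's CONNECT, which needs squid's own ACLs), so port rules are a speed bump, not a block. Passive-mode FTP from the clients needs outbound connections to high ports, which this ruleset does not open; active mode works via rule 640 because natd rewrites the PORT command it sees on the control channel. For the sysctl question, the knobs commonly paired with a ruleset like this on FreeBSD 5.x are net.inet.tcp.blackhole=2, net.inet.udp.blackhole=1, net.inet.ip.redirect=0 and net.inet.icmp.drop_redirect=1; confirm each with sysctl -d on the box before adding it to /etc/sysctl.conf.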


