Is there a way to forward packets even if no TCP SYN was detected before ? A packet (TCP SYN) is sent to a unit but the reply (TCP SYN ACK) goes through another route and then through Shorewall. The firewall sees that there was no prior TCP SYN and does not forward the packet. Cisco handles that situation with Access Lists. Is there a Shorewall option that would let this type of flow go through ? Thanks. ------------------------------------------------------------------------------ What Every C/C++ and Fortran developer Should Know! Read this article and learn how Intel has extended the reach of its next-generation tools to help Windows* and Linux* C/C++ and Fortran developers boost performance applications - including clusters. http://p.sf.net/sfu/intel-dev2devmay