diff --git a/rc.firewall b/rc.firewall
index db5378b..48e0e60 100755
--- a/rc.firewall
+++ b/rc.firewall
@@ -88,6 +88,7 @@ if [ $CONNTRACK ]; then
 $IPTABLES -A INPUT -i lo -m state --state NEW -j ACCEPT
 $IPTABLES -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
 $IPTABLES -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
+ $IPTABLES -A FORWARD -m state --state NEW -j ACCEPT
 $IPTABLES -A INPUT -m state --state INVALID -j DROP
 $IPTABLES -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
 $IPTABLES -A OUTPUT -m state --state NEW -j ACCEPT
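Review bot: The added `-A FORWARD -m state --state NEW -j ACCEPT` rule has no interface, source or destination match, so it accepts every new forwarded connection in either direction, including ones initiated from an untrusted network toward internal hosts. Any FORWARD rule appended after it is never evaluated for NEW packets. If the intent is only to let internal clients open outbound connections, scope the rule, e.g. `$IPTABLES -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -m state --state NEW -j ACCEPT`, where `LAN_IF` and `WAN_IF` are placeholders for whatever interface variables the script defines. A one-line comment above the rule stating which traffic direction it is meant to permit would also help the next reader. The `if [ $CONNTRACK ]` block starts and ends outside the hunk, so the FORWARD chain policy and any later rules are not visible here.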