I've recently setup a firewall with -k for outside, -y for inside.
It would intrest me if you know of any firewall-testing tools,
that sends packets of form SYN=ACK=1 for trying to initiate a
connection from outside. I'm curious if the networking code accepts
or drops such packets.