I know there are methods out there to spoof your source IP address (proxy, techniques used by hackers to bounce off other machines or for uni-directional flooding), but how about if, for instance, you have a firewall set up to only allow an inbound connection from a certain public IP address (to limit access)? I know that somebody could spoof their source IP address to match this, however wouldn't the return IP traffic try to go to the actual owner of the IP address and not back to the hacker?

Example: you have a policy set up to allow inbound from, a hacker at spoofs their source IP address to match, so they have now gotten past that firewall policy; however, won't the host you were protecting respond to (as it sees that as the source of the traffic), so the hacker won't actually have a working connection as they'll NEVER get the return traffic?

Appreciate your comments, thanks
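As an added illustration that is not part of the original question, here is a small Python model of the scenario described above: a source-IP allow list in front of a host that completes a TCP three-way handshake. The addresses are constructed from RFC 5737 documentation ranges, and the firewall, host and network are simplified stand-ins, not real networking code.

```python
import secrets
from dataclasses import dataclass

TRUSTED_IP = "203.0.113.10"    # address the firewall policy allows (constructed)
ATTACKER_IP = "198.51.100.77"  # the spoofer's real address (constructed)
SERVER_IP = "192.0.2.5"        # the protected host (constructed)

@dataclass
class Packet:
    src: str
    dst: str
    flags: str  # "SYN", "SYN-ACK" or "ACK"
    seq: int
    ack: int = 0

class Server:
    """Protected host: answers a SYN with a SYN-ACK carrying a fresh random ISN,
    and only marks the connection established if the ACK echoes ISN + 1."""
    def __init__(self):
        self.isn = None
        self.established = False

    def receive(self, pkt):
        if pkt.flags == "SYN":
            self.isn = secrets.randbits(32)  # unpredictable ISN, as modern stacks use
            return Packet(SERVER_IP, pkt.src, "SYN-ACK", self.isn, pkt.seq + 1)
        if pkt.flags == "ACK" and self.isn is not None and pkt.ack == self.isn + 1:
            self.established = True
        return None

def firewall_allows(pkt):
    """Source-IP ACL: it can only read the header, not verify who really sent it."""
    return pkt.src == TRUSTED_IP

def route(pkt, inboxes):
    """The network delivers by destination address, never by who actually sent it."""
    inboxes.setdefault(pkt.dst, []).append(pkt)

def simulate_spoofed_handshake():
    server, inboxes = Server(), {}
    syn = Packet(src=TRUSTED_IP, dst=SERVER_IP, flags="SYN", seq=1000)  # forged source
    passed_acl = firewall_allows(syn)
    reply = server.receive(syn) if passed_acl else None
    if reply:
        route(reply, inboxes)  # SYN-ACK goes to the real owner of TRUSTED_IP
    # Without the SYN-ACK the spoofer never learns the ISN; a blind ACK is dropped.
    server.receive(Packet(TRUSTED_IP, SERVER_IP, "ACK", 1001, ack=1))
    return {"passed_acl": passed_acl,
            "synack_delivered_to": TRUSTED_IP if inboxes.get(TRUSTED_IP) else None,
            "attacker_received": len(inboxes.get(ATTACKER_IP, [])),
            "established": server.established}
```

The result shows the two halves of the question: the forged SYN does pass the address check, but the SYN-ACK is routed to the legitimate address and the spoofer cannot finish the handshake, which is why a source-IP rule is a weak control on its own yet not bypassed by spoofing alone for TCP.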