I know there are methods out there to spoof your source IP address (proxy, techniques used by hackers to bounce off other machines or for uni-directional flooding), but how about if, for instance, you have a firewall set up to only allow an inbound connection from a certain public IP address (to limit access)? I know that somebody could spoof their source IP address to match this; however, wouldn't the return IP traffic try to go to the actual owner of the IP address and not back to the hacker?

Example: you have a policy set up to allow inbound from 35.85.20.12, and a hacker at 152.96.52.100 spoofs their source IP address to match 35.85.20.12, so they have now gotten past that firewall policy. However, won't the host you were protecting respond to 35.85.20.12 (as it sees that as the source of the traffic), so the hacker won't actually have a working connection as they'll NEVER get the return traffic?

Appreciate your comments, thanks
James
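
The scenario in the question, modelled as an added example (not part of the original post): a toy TCP-style handshake behind a source-IP allowlist, with replies delivered by destination address only. It assumes the spoofing host is off-path and the server picks unpredictable initial sequence numbers; the server address and all class and function names are constructed for illustration.

```python
import secrets

ALLOWED_SRC = "35.85.20.12"     # address permitted by the firewall policy (from the post)
SPOOFER_IP = "152.96.52.100"    # real location of the spoofing host (from the post)
SERVER_IP = "198.51.100.10"     # constructed: protected host, documentation range


class Server:
    """Protected host: source-IP allowlist plus a TCP-style three-way handshake."""

    def __init__(self):
        self.half_open = {}     # (src, sport) -> server ISN still awaiting the ACK
        self.established = set()

    def receive(self, pkt):
        """Process one inbound packet; return the reply packet or None."""
        if pkt["src"] != ALLOWED_SRC:
            return None                                  # dropped by the policy
        key = (pkt["src"], pkt["sport"])
        if pkt["flags"] == "SYN":
            self.half_open[key] = secrets.randbits(32)   # unpredictable ISN
            # The reply is addressed to the claimed source, not the true sender.
            return {"src": SERVER_IP, "dst": pkt["src"], "flags": "SYN-ACK",
                    "seq": self.half_open[key], "ack": pkt["seq"] + 1}
        if pkt["flags"] == "ACK" and key in self.half_open:
            if pkt["ack"] == (self.half_open[key] + 1) % 2**32:
                del self.half_open[key]
                self.established.add(key)                # handshake completed
        return None


def route(reply, inboxes):
    """Deliver a reply by destination address only, as IP routing does."""
    if reply is not None:
        inboxes.setdefault(reply["dst"], []).append(reply)


def attempt(sender_ip):
    """Open a connection with source ALLOWED_SRC from a host really at sender_ip."""
    server, inboxes = Server(), {}
    syn = {"src": ALLOWED_SRC, "sport": 40000, "flags": "SYN", "seq": 1000}
    route(server.receive(syn), inboxes)                  # the SYN passes the allowlist
    seen = inboxes.get(sender_ip, [])                    # only what was routed to the sender
    ack = (seen[0]["seq"] + 1) % 2**32 if seen else 0    # blind guess if nothing came back
    server.receive({"src": ALLOWED_SRC, "sport": 40000, "flags": "ACK",
                    "seq": 1001, "ack": ack})
    return {"replies_seen": len(seen), "established": bool(server.established)}
```

`attempt(ALLOWED_SRC)` completes the handshake, while `attempt(SPOOFER_IP)` passes the allowlist but sees no reply and is left with a one-in-2^32 guess at the acknowledgement number. The model covers connection-oriented TCP only; a service that acts on a single datagram has no handshake, so a source-IP allowlist alone does not authenticate the sender there.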