There exists a vulnerability within many firewalls and other systems that permit a session to be established in spite of firewall rules. The specifics are outlined here
To briefly demonstrate this, I will craft custom TCP packets with the SYN and FIN flags set. I will use Nmap for my port scanning, and Nemisis for all others:
nmap -v -v --scanflags SYNFIN -P0 <target>
nemesis tcp -v -fS -fF -D <target> -S <myip>
In the case of Nmap, notice how the ports that were originally “filtered” are now “open”. Note, not all systems are vulnerable to this bypass. Sorry for not having a better demo. Go and try it out on your own and see how it works. enjoy!