diff --git a/Shorewall2/firewall b/Shorewall2/firewall
index fc038543a..e164393a7 100755
--- a/Shorewall2/firewall
+++ b/Shorewall2/firewall
@@ -7092,9 +7092,13 @@ apply_policy_rules() {
 		    ;;
 	    esac
 
-	    [ -n "$synparams" ] && \
-		[ $policy = ACCEPT -o $policy = CONTINUE ] && \
-		run_iptables -I $chain 2 -p tcp --syn -j @$chain
+	    if [ -n "$synparams" ]; then
+		case $policy in
+		    ACCEPT|CONTINUE|QUEUE)
+			run_iptables -I $chain 2 -p tcp --syn -j @$chain
+			;;
+		esac
+	    fi
 	fi
 
     done