Trustworthiness of state table
Faux Pas III
fauxpas@trellisinc.com
Tue, 12 Jun 2001 14:15:57 -0400
I'm curious what all characteristics of a packet are examined to
determine if it's NEW, RELATED, or ESTABLISHED from a state
tracking point of view. I typically put:
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
as the first line in my firewall scripts, but I'm wondering if
it might be possible to slip a rogue packet through that... it
seems like it should be checking:
src and dst addresses
protocol/ip type
src and dst ports, if applicable
icmp type, if applicable (should be a response to whatever initiated the
state-table entry)
sequence number, if it's tcp
--
Josh Litherland (fauxpas@trellisinc.com)
It is by caffeine alone that I set my mind in motion.
It is by the juice of Mtn Dew that thoughts acquire speed.
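As an added illustration (not part of the original post and not netfilter's own code), the following simplified model shows how a state table keys flows on the fields listed above, and why a packet from a different address or port is classified NEW rather than matching ESTABLISHED,RELATED. The names `Packet`, `ConnTracker` and the sample addresses are constructed for this example; TCP flag and sequence-number tracking is deliberately not modelled.

```python
# Simplified model of connection-tracking state classification (added example,
# not netfilter's code). Flows are keyed on addresses, protocol and ports
# (ICMP echo id for ping), and a packet is ESTABLISHED only if it matches a
# tracked flow; an ICMP error is RELATED only if it quotes a tracked flow.
from dataclasses import dataclass
from typing import Optional

ICMP_ECHO_REPLY, ICMP_ECHO_REQUEST, ICMP_UNREACHABLE = 0, 8, 3


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                        # "tcp", "udp" or "icmp"
    sport: int = 0                    # tcp/udp source port; icmp echo id
    dport: int = 0                    # tcp/udp destination port; icmp type
    inner: Optional["Packet"] = None  # header quoted inside an ICMP error


def flow_key(p: Packet) -> tuple:
    """Tuple a flow is tracked under, in its original direction."""
    if p.proto == "icmp":
        return (p.src, p.dst, "icmp", p.sport)
    return (p.src, p.dst, p.proto, p.sport, p.dport)


def reply_key(p: Packet) -> tuple:
    """Tuple this packet would belong to if it were a reply to a tracked flow."""
    if p.proto == "icmp":
        return (p.dst, p.src, "icmp", p.sport)
    return (p.dst, p.src, p.proto, p.dport, p.sport)


class ConnTracker:
    def __init__(self) -> None:
        self.flows: dict = {}         # original tuple -> reply seen yet?

    def classify(self, p: Packet) -> str:
        if p.proto == "icmp" and p.inner is not None:
            # ICMP error: RELATED only when the quoted header is a tracked flow
            hit = flow_key(p.inner) in self.flows or reply_key(p.inner) in self.flows
            return "RELATED" if hit else "INVALID"
        if p.proto == "icmp" and p.dport == ICMP_ECHO_REPLY and reply_key(p) not in self.flows:
            return "INVALID"          # a reply cannot open a flow by itself
        if reply_key(p) in self.flows:
            self.flows[reply_key(p)] = True   # reply seen: flow is now established
            return "ESTABLISHED"
        seen_reply = self.flows.get(flow_key(p))
        if seen_reply is None:
            self.flows[flow_key(p)] = False   # first packet opens the flow
        return "ESTABLISHED" if seen_reply else "NEW"
```

A packet that only matches on some of the fields (right ports but another source address, or right addresses but another port) opens a fresh flow as NEW and so is not accepted by the ESTABLISHED,RELATED rule.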