diff --git a/ipv4-rules.sh b/ipv4-rules.sh
index 3f522f3..5003ea0 100755
--- a/ipv4-rules.sh
+++ b/ipv4-rules.sh
@@ -43,7 +43,7 @@ function addTor() {
       return 1
     fi
     read -r orip orport <<<$(tr ':' ' ' <<<$relay)
-    local common="$ipt -A INPUT -p tcp --dst $orip --dport $orport --syn"
+    local common="$ipt -A INPUT -p tcp --dst $orip --dport $orport"
     local ddoslist="tor-ddos-$orport" # this holds ips classified as DDoS'ing the local OR port
     __create_ipset $ddoslist "maxelem $max timeout $((24 * 3600))"
@@ -63,7 +63,7 @@ function addTor() {
     $common -m connlimit --connlimit-mask $prefix --connlimit-above 9 -j $jump
     # rule 4
-    $common -j ACCEPT
+    $common --syn -j ACCEPT
   done
 }
diff --git a/ipv6-rules.sh b/ipv6-rules.sh
index 2def94a..4c8e16d 100755
--- a/ipv6-rules.sh
+++ b/ipv6-rules.sh
@@ -51,7 +51,7 @@ function addTor() {
       orip+="/0"
       echo " notice: using global unicast IPv6 address [::]" >&2
     fi
-    local common="$ipt -A INPUT -p tcp --dst $orip --dport $orport --syn"
+    local common="$ipt -A INPUT -p tcp --dst $orip --dport $orport"
     local ddoslist="tor-ddos6-$orport" # this holds ips classified as DDoS'ing the local OR port
     __create_ipset $ddoslist "maxelem $max timeout $((24 * 3600)) netmask $prefix"
@@ -71,7 +71,7 @@ function addTor() {
     $common -m connlimit --connlimit-mask $prefix --connlimit-above 9 -j $jump
     # rule 4
-    $common -j ACCEPT
+    $common --syn -j ACCEPT
   done
 }
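Review bot: Dropping `--syn` from `common` silently widens every rule built from that prefix, not only the ones shown: the connlimit rule visible in the second ipv4 hunk (line 63) now matches every TCP segment toward the OR port, so once a source holds more than 9 conntrack entries the data packets of its already-established connections are sent to `$jump` as well, where before only further SYNs were. If that is the intended hardening, the `common` line should say so, e.g. `# no --syn here: rules 1-3 shall see every segment of a connection, only the final ACCEPT is limited to new connections`; if not, `--syn` needs to be re-added to the individual limiting rules. The same applies to the ipv6-rules.sh hunk at line 51, and rules 1-2 built from `common` lie outside both hunks so their behaviour change cannot be judged here. addTor and its loop begin before the hunk.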
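Review bot: The `# rule 4` comment above the changed ACCEPT no longer explains the rule's contract now that `--syn` lives only here: a non-SYN segment that passes the connlimit rule is not accepted by rule 4 and continues down the INPUT chain, and whether a conntrack ESTABLISHED rule later in the chain picks it up is not visible in the hunk. Suggest `# rule 4: accept only new (SYN) connections that survived rules 1-3; other segments continue down the chain`, so the next reader does not re-add `--syn` to the prefix. The ipv6-rules.sh hunk at line 71 has the identical line and needs the same comment. The enclosing loop and addTor start outside the hunk.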