diff --git a/firewall/firewall.go b/firewall/firewall.go
index e8675455..4a0f74c4 100644
--- a/firewall/firewall.go
+++ b/firewall/firewall.go
@@ -146,6 +146,7 @@ func handlePacket(pkt packet.Packet) {
 			pkt.PermanentAccept()
 			return
 		}
+		// TODO: Howto handle NetBios?
 	}
 
 	// log.Debugf("firewall: pkt %s has ID %s", pkt, pkt.GetLinkID())
@@ -268,8 +269,9 @@ func initialHandler(pkt packet.Packet, link *network.Link) {
 	// 	link.StopFirewallHandler()
 	// 	permanentVerdict(pkt, network.VerdictAccept)
 	case link.Inspect:
+		log.Tracer(pkt.Ctx()).Trace("firewall: start inspecting")
 		link.SetFirewallHandler(inspectThenVerdict)
-		inspectThenVerdict(pkt, link)
+		inspectThenVerdict(pkt, link) // TODO: corrent?: concurrently also called in link.SetFirewallHandler->go link.packetHandler()->fwH(pkt, link)
 	default:
 		link.StopFirewallHandler()
 		issueVerdict(pkt, link, 0, true)
diff --git a/firewall/inspection/inspection.go b/firewall/inspection/inspection.go
index 3ecd23cc..cce18084 100644
--- a/firewall/inspection/inspection.go
+++ b/firewall/inspection/inspection.go
@@ -64,7 +64,7 @@ func RunInspectors(pkt packet.Packet, link *network.Link) (network.Verdict, bool
 			continue
 		}
 
-		action := inspectors[key](pkt, link)
+		action := inspectors[key](pkt, link) // Actually run inspector
 		switch action {
 		case DO_NOTHING:
 			if verdict < network.VerdictAccept {