ipvsadm (lvs) and SuSEFirewall problem



Hello,
I am trying to set up a load balancer, with two real servers on the
private network.
The operating system is SuSE 10.1. I have loaded the ipvsadm package,
as well as the others recommended at the Ultramonkey website.
Here's my test setup:
Client IP address 192.168.0.4 (my workstation)

LVS Director External virtual IP --> 192.168.0.224
LVS Director Internal IP --> 10.0.0.1
I used YaST to set up the interfaces, enable IP forwarding, and
masquerading.

Real Server 1 IP address --> 10.0.0.100
Real Server 2 IP address --> 10.0.0.101
Both real servers have 10.0.0.1 as their default gateway.
Both real servers can ping the client workstation (192.168.0.4).

I set up the ipvsadm rules as such:
ipvsadm -A -t 192.168.0.224:80
ipvsadm -a -t 192.168.0.224:80 -r 10.0.0.100 -m
ipvsadm -a -t 192.168.0.224:80 -r 10.0.0.101 -m

tcpdump reveals that NAT isn't happening on the return trip from the
Real Server to the Client.
192.168.0.4 > 192.168.0.224
192.168.0.4 > 10.0.0.100
10.0.0.100 > 192.168.0.4
.....then nothing

The firewall log shows something interesting:
SFW2-FWDint-DROP-DEFLT-INV IN=eth0 OUT=eth1 SRC=10.0.0.100
DST=192.168.0.4 .....

So I imagine that iptables is dropping the return packet. I don't know
much about iptables, let alone how SuSEFirewall manipulates it, so I'm
stuck. Anyone out there get ipvsadm working with SuSE?
Any help would be greatly appreciated.

Thanks,
benwellborn
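
Added example, not part of the original post: a small Python script that scans SuSEfirewall2 kernel log lines for dropped packets a real server sent from the balanced port, which is the symptom shown in the log entry above. The sample log lines, their timestamps, host name and the fields after DST= are constructed; the function names are hypothetical.

```python
import re
from collections import Counter
from ipaddress import ip_address

# Constructed sample modelled on the log entry quoted in the post.
SAMPLE_LOG = """\
Jan  1 12:00:01 director kernel: SFW2-FWDint-DROP-DEFLT-INV IN=eth0 OUT=eth1 SRC=10.0.0.100 DST=192.168.0.4 LEN=60 PROTO=TCP SPT=80 DPT=40001
Jan  1 12:00:04 director kernel: SFW2-FWDint-DROP-DEFLT-INV IN=eth0 OUT=eth1 SRC=10.0.0.100 DST=192.168.0.4 LEN=60 PROTO=TCP SPT=80 DPT=40001
Jan  1 12:00:09 director kernel: SFW2-FWDint-DROP-DEFLT-INV IN=eth0 OUT=eth1 SRC=10.0.0.101 DST=192.168.0.4 LEN=60 PROTO=TCP SPT=80 DPT=40002
Jan  1 12:00:12 director kernel: SFW2-INext-DROP-DEFLT IN=eth1 OUT= SRC=192.168.0.9 DST=192.168.0.224 LEN=60 PROTO=TCP SPT=51000 DPT=22
"""

PREFIX_RE = re.compile(r"\b(SFW2-\S+)")      # SuSEfirewall2 log prefix
FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")   # KEY=value pairs (value may be empty)


def parse_line(line):
    """Return the log prefix and KEY=value fields of one line, or None."""
    m = PREFIX_RE.search(line)
    if not m:
        return None
    rec = dict(FIELD_RE.findall(line))
    rec["PREFIX"] = m.group(1)
    return rec


def dropped_return_flows(log_text, real_servers, service_port):
    """Count dropped packets whose source is a real server's service port."""
    servers = {ip_address(s) for s in real_servers}
    flows = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec or "DROP" not in rec["PREFIX"]:
            continue
        try:
            src = ip_address(rec["SRC"])
        except (KeyError, ValueError):
            continue  # truncated or malformed entry
        if src in servers and rec.get("SPT") == str(service_port):
            key = (rec["PREFIX"], rec.get("IN"), rec.get("OUT"),
                   rec["SRC"], rec.get("DST"))
            flows[key] += 1
    return flows


if __name__ == "__main__":
    hits = dropped_return_flows(SAMPLE_LOG, ["10.0.0.100", "10.0.0.101"], 80)
    for (prefix, inif, outif, src, dst), n in hits.most_common():
        print(f"{n:3d}  {prefix}  {inif}->{outif}  {src} > {dst}")
```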
