Depends on how it's configured. If there's no signature for whatever shellcode or rootkit is being used, and the firewall is configured to generally let stuff through, then it may never warn about this.

I have seen computers with current anti-virus definitions and a reasonably secure firewall get owned by trojans.