Quote:
OpenBSD's pF is a stateful firewall that can act as a proxy for connections. The connection handshake is validated (with the client) instead of just forwarding the packet on to the destination. It is available for other BSDs as well, also known as a synproxy.
What firewall architecture are you currently using?
What does your netscreen firewall documentation say about synflood attacks?
(from my mobile phone...)