Apply by doing:
        cd /usr/src
        patch -p0 < 019_tcp2.patch

Rebuild your kernel.

Index: sys/netinet/tcp_input.c
===================================================================
RCS file: /cvs/src/sys/netinet/tcp_input.c,v
retrieving revision 1.132.2.2
retrieving revision 1.132.2.3
diff -u -p -r1.132.2.2 -r1.132.2.3
--- sys/netinet/tcp_input.c	3 Mar 2004 08:37:05 -0000	1.132.2.2
+++ sys/netinet/tcp_input.c	6 May 2004 00:39:39 -0000	1.132.2.3
@@ -116,6 +116,10 @@ int tcp_rst_ppslim = 100;		/* 100pps */
 int tcp_rst_ppslim_count = 0;
 struct timeval tcp_rst_ppslim_last;
 
+int tcp_synack_ppslim = 100;		/* 100pps */
+int tcp_synack_ppslim_count = 0;
+struct timeval tcp_synack_ppslim_last;
+
 #endif /* TUBA_INCLUDE */
 #define TCP_PAWS_IDLE	(24 * 24 * 60 * 60 * PR_SLOWHZ)
 
@@ -1620,8 +1624,12 @@ trimthenstep6:
 	 * error and we send an RST and drop the connection.
 	 */
 	if (tiflags & TH_SYN) {
-		tp = tcp_drop(tp, ECONNRESET);
-		goto dropwithreset;
+		if (ppsratecheck(&tcp_synack_ppslim_last, &tcp_synack_ppslim_count,
+		    tcp_synack_ppslim) == 0) {
+			/* XXX stat */
+			goto drop;
+		}
+		goto dropafterack;
 	}
 
 	/*