Index: netinet/tcp_input.c
===================================================================
RCS file: /u/open/cvs/src/sys/netinet/tcp_input.c,v
retrieving revision 1.125.2.2
diff -u -r1.125.2.2 tcp_input.c
--- netinet/tcp_input.c	3 Mar 2004 08:40:07 -0000	1.125.2.2
+++ netinet/tcp_input.c	11 May 2004 21:30:39 -0000
@@ -120,6 +120,10 @@
 int tcp_rst_ppslim_count = 0;
 struct timeval tcp_rst_ppslim_last;
 
+int tcp_synack_ppslim = 100;		/* 100pps */
+int tcp_synack_ppslim_count = 0;
+struct timeval tcp_synack_ppslim_last;
+
 #endif /* TUBA_INCLUDE */
 #define TCP_PAWS_IDLE	(24 * 24 * 60 * 60 * PR_SLOWHZ)
 
@@ -1628,8 +1632,12 @@
 	 * error and we send an RST and drop the connection.
 	 */
 	if (tiflags & TH_SYN) {
-		tp = tcp_drop(tp, ECONNRESET);
-		goto dropwithreset;
+		if (ppsratecheck(&tcp_synack_ppslim_last, &tcp_synack_ppslim_count,
+		    tcp_synack_ppslim) == 0) {
+			/* XXX stat */
+			goto drop;
+		}
+		goto dropafterack;
 	}
 
 	/*