pf synflood mode: 1st ACK


reconstruct the original SYN from the encoded data
our ISN plus one is in the ACK
MSS, WSCALE, SACK encoded
no other tcp option supported
not of any relevance today

shove that through pf_test()
does ruleset evaluation
creates state

find that state and tweak it
we'll never see the SYNACK, pretend we did

3WHS with the destination host
existing synproxy code