Comment 3 for bug 703873

I wonder if it would be easy to do this using iptables on an outbound firewall. I think you can fairly easily set a maximum permitted SYN rate per source/destination hosts. If that works, it wouldn't need code changes and it would be hard for outgoing services to accidentally subvert.