I've found that the screen settings are a much better solution to fighting issues like syn attacks than firewall filters because of the nature of these attacks. The issue with filters is the changing nature of the packets and sources. These do work well if you have specific combinations of protocol, port and destination address that can easily be dropped. Or if there is some other reliable pattern to match on. But the heuristic basis of the screens typically work better in my opinion on syn attacks.
But the best solutions are DDoS specific offramp scrubbing products like Arbor Networks.