Use terminal
/ip firewall filter add chain=forward protocol=tcp tcp-flags=syn connection-state=new action=jump jump-target=SYN-Protect comment="SYN Flood protect" disabled=yes add chain=SYN-Protect protocol=tcp tcp-flags=syn limit=400,5 connection-state=new action=accept comment="" disabled=no add chain=SYN-Protect protocol=tcp tcp-flags=syn connection-state=new action=drop comment="" disabled=no
Add Connection Tracking
For v6.x:
/ip settings set tcp-syncookies=yes
For older RouterOS versions:
/ip firewall connection tracking set tcp-syncookie=yes