Tiger is right, you should capture the traffic and analyze it. My concern, were this set up on my own network is that you seem to have a wireless router that is multi-homed? Both having it's own internet access and access to the internal network? Is that what you were saying?

Doesn't that constitute a network bridge and possibly violate a security policy standard?

Without the event count and a time period, it is hard to say how much this "SYN Flood" is a real issue, but I agree with Tiger on getting a packet capture. Run something on the inside of the router and another on the outside and take a look. See if there is a correlation between the traffic in and out of the router's external IP(s) and the traffic on the inside private IP(s).

Backtrack all the outside network IP traffic using SamSpade or some other tool. I like PingPlotter for finding the source IPs. That will tell you if all the connections being made are legit. If you have a keylogger or other trojan, it will show up there.