Hi, I'm considering an option to evaluate connecting IPs before they're evaluated by `pf` in order to make some decisions about the "reputation" of a connecting IP. Then if that reputation is low enough, some action could either be taken: in `pf` to protect the associated application (say by blocking the connection); or in the app responsible for the listening port.
`pf`, unfortunately, isn't able to make routing decisions based on external factors (insofar as I understand)--I'm hoping to add some additional (very simple) intelligence to that. Just another metric or two for determining if a connection is legitimate.

I've been looking into TCP wrappers for OpenBSD but it seems that this functionality was removed in version 5. Is my understanding of that correct? If so, is there an alternate way to achieve what I mentioned? I know I can use something like sshguard or fail2ban, but I'm looking for a much simpler option and one that preferably doesn't rely on tailing log files (if there aren't viable alternatives, I may consider these, however).

~ Tom