Hi I have OpenBSD 4.2 on a Pentium II laptop running fine, with its ssh port 22 open to the web. However, there are a lot of attacks on that port from various IP addresses across the globe. Even though I have set maximum number of tries to just 2, I would like to be able to note down the IP address (after say 10 unsuccessful login attempts) from where the attacks are coming in and then dynamically add them to hosts.deny for the next few days or permanently.
Can pf do this ? I read the manual but could not find such a feature. I can always write a cron script that reads the messages log file and does this sort of thing, but I was hoping that if such a feature pre-exists I wouldn't have to do it. Any help will be appreciated. Thanks & Regards Vikas
