--- e-smith-openssh-2.2.0/root/etc/e-smith/templates/etc/rc.d/init.d/masq/42CreateSSHAutoblock.orig 2014-03-07 13:19:05.000000000 +1100
+++ e-smith-openssh-2.2.0/root/etc/e-smith/templates/etc/rc.d/init.d/masq/42CreateSSHAutoblock 2014-04-04 13:24:36.000000000 +1100
@@ -0,0 +1,15 @@
+{
+ my $abtries = ${'sshd'}{'AutoBlockTries'} || "4";
+ my $abtime = ${'sshd'}{'AutoBlockTime'} || "900";
+
+ $OUT .=<<"EOF";
+
+ # Use recent packets match to block SSH from sites generating
+ # $abtries connections within $abtime seconds
+ # Check/clear IP block status in /proc/net/ipt_recent/SSH
+ /sbin/iptables --new-chain SSH_Autoblock
+ /sbin/iptables --append SSH_Autoblock -m recent --set --name SSH
+ /sbin/iptables --append SSH_Autoblock -m recent --rcheck --rttl \\
+ --seconds $abtime --hitcount $abtries --name SSH -j denylog
+EOF
+}
--- e-smith-openssh-2.2.0/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90InboundTCP07FilterSSH.orig 2014-03-07 13:18:57.000000000 +1100
+++ e-smith-openssh-2.2.0/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90InboundTCP07FilterSSH 2014-04-04 13:24:45.000000000 +1100
@@ -0,0 +1,13 @@
+{
+ my $sshd_autoblock = ${'sshd'}{'AutoBlock'} || "disabled";
+ my $sshd_public = ${'sshd'}{'access'} || "private";
+ my $sshd_port = ${'sshd'}{'TCPPort'} || "22";
+
+ if ($sshd_autoblock eq "enabled" && $sshd_public eq "public" ) {
+ $OUT = " # SSH autoblock enabled - send new SSH connects through recent IPs filter\n";
+ $OUT .= " /sbin/iptables --append \$NEW_InboundTCP --proto tcp --dport $sshd_port \\\n";
+ $OUT .= " -m state --state NEW -j SSH_Autoblock\n"
+ } else {
+ $OUT = " # SSH autoblock disabled or sshd access is private\n";
+ }
+}
--- e-smith-openssh-2.2.0/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustSSHAutoblock.orig 2014-03-02 12:58:57.210293210 +1100
+++ e-smith-openssh-2.2.0/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustSSHAutoblock 2014-04-04 13:24:18.000000000 +1100
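Review bot: `$abtries` and `$abtime` are interpolated into the second `--append` without validation, and if that command is rejected (a non-numeric value, or a hitcount larger than the recent module's per-address packet limit) the SSH_Autoblock chain is left holding only the `--set` rule, so every SSH connection falls through unblocked — a silent fail-open with no error surfaced to the admin. Guard the values before the heredoc, e.g. `$abtries = "4" unless $abtries =~ /^\d+$/;` and `$abtime = "900" unless $abtime =~ /^\d+$/;`. Because `--set` runs before `--rcheck`, each new attempt from a blocked address also refreshes its entry, so the block lasts `$abtime` seconds after the last attempt rather than the first; that is a reasonable choice but worth stating in the heredoc comment, `# --set precedes --rcheck: every retry renews the block window`. The `--rttl` match is a good addition since it helps keep a spoofed-source SYN from locking out the genuine owner of that address.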
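Review bot: The comment emitted on the `$OUT = " # SSH autoblock enabled ..."` line should say what is actually counted: with `--state NEW` on `--dport $sshd_port`, AutoBlockTries counts new TCP connections, not failed logins, so an admin opening a few sessions (ssh plus scp) within AutoBlockTime trips the block as readily as a brute-forcer, and a shared NAT address is blocked for everyone behind it. Suggest `# Counts NEW connections (SYNs), not failed logins: AutoBlockTries sessions within AutoBlockTime blocks the source`. `$sshd_port` is likewise interpolated unvalidated; a non-numeric value makes the `--append` fail and the jump to SSH_Autoblock is then silently absent, so `$sshd_port = "22" unless $sshd_port =~ /^\d+$/;` before the `if` is cheap insurance.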
@@ -0,0 +1,12 @@
+{
+ my $abtries = ${'sshd'}{'AutoBlockTries'} || "4";
+ my $abtime = ${'sshd'}{'AutoBlockTime'} || "900";
+
+ $OUT .=<<"EOF";
+
+ /sbin/iptables --replace SSH_Autoblock 2 -m recent --rcheck --rttl \\
+ --seconds $abtime --hitcount $abtries --name SSH -j denylog
+ # Clear SSH_Autoblock site history too
+ echo clear > /proc/net/ipt_recent/SSH
+EOF
+}
--- e-smith-openssh-2.2.0/root/etc/e-smith/db/configuration/defaults/sshd/AutoBlock.orig 2014-03-19 14:02:47.000000000 +1100
+++ e-smith-openssh-2.2.0/root/etc/e-smith/db/configuration/defaults/sshd/AutoBlock 2014-04-04 13:24:41.000000000 +1100
@@ -0,0 +1 @@
+disabled
--- e-smith-openssh-2.2.0/root/etc/e-smith/db/configuration/defaults/sshd/AutoBlockTries.orig 2014-03-19 14:02:47.000000000 +1100
+++ e-smith-openssh-2.2.0/root/etc/e-smith/db/configuration/defaults/sshd/AutoBlockTries 2014-04-04 13:24:47.000000000 +1100
@@ -0,0 +1 @@
+4
--- e-smith-openssh-2.2.0/root/etc/e-smith/db/configuration/defaults/sshd/AutoBlockTime.orig 2014-03-19 14:02:47.000000000 +1100
+++ e-smith-openssh-2.2.0/root/etc/e-smith/db/configuration/defaults/sshd/AutoBlockTime 2014-04-04 13:24:52.000000000 +1100
@@ -0,0 +1 @@
+900
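Review bot: The `--replace SSH_Autoblock 2` on the first iptables line assumes the chain exists and already holds two rules; if the second `--append` in 42CreateSSHAutoblock did not load, or this adjust fragment runs before the chain is built, the command errors out, and the unconditional `echo clear > /proc/net/ipt_recent/SSH` fails the same way on any kernel that exposes the list elsewhere (newer kernels use `/proc/net/xt_recent/SSH`, so the hard-coded path is presumably tied to the target kernel — worth confirming). Guard the clear, e.g. `[ -w /proc/net/ipt_recent/SSH ] && echo clear > /proc/net/ipt_recent/SSH`. Clearing the list also releases every currently blocked address, so an attacker mid-brute-force gets a fresh `$abtries` window each time sshd settings are adjusted; add `# NOTE: clearing the list also lifts all active blocks` or clear only when the thresholds actually changed. The `$abtries`/`$abtime` values are interpolated unvalidated here as well, the same as in 42CreateSSHAutoblock.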