This is an old revision of the document!
Iptables/Netfilter sshguard
Install sshguard and add rules to netfilter.
Netfilter rules example
#!/bin/sh /sbin/iptables -N sshguard /sbin/iptables -A sshguard -m conntrack --ctstate NEW -m recent --name SSH --update --seconds 120 --hitcount 5 -j DROP /sbin/iptables -A sshguard -m conntrack --ctstate NEW -m recent --name SSH --set -j ACCEPT /sbin/iptables -A sshguard -j ACCEPT /sbin/iptables -A INPUT -p tcp --dport 22 -j sshguard