% sudo pkg install py27-fail2ban
% sudo vim /usr/local/etc/fail2ban/jail.local
[ssh-pf]
enabled = true
filter = sshd
action = pf
logpath = /var/log/auth.log
% sudo vim /usr/local/etc/fail2ban/action.d/pf.conf
[Definition]
actionstart =
actionstop =
actioncheck =
actionban = /sbin/pfctl -t <tablename> -T add /32
actionunban = /sbin/pfctl -t <tablename> -T delete /32
[Init]
tablename = fail2ban
% sudo vim /etc/pf.conf
table <fail2ban> persist
block in on $ext_if from <fail2ban>
% sudo vim /etc/rc.conf
fail2ban_enable="YES"
% sudo service pf reload
% sudo service fail2ban restart
% sudo pfctl -t fail2ban -T show
http://www.fail2ban.org/wiki/index.php/Talk:HOWTO_use_geoiplookup