From 03433f79cd52a87c3fd7309e7fe9967076bbb866 Mon Sep 17 00:00:00 2001
From: Michael Gebetsroither <michael@mgeb.org>
Date: Fri, 4 Jan 2013 16:09:04 +0100
Subject: [PATCH] add example jail.conf for blocking through blackhole routes
 for ssh

---
 config/jail.conf | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/config/jail.conf b/config/jail.conf
index 3f2425b4..fb9f9ca0 100644
--- a/config/jail.conf
+++ b/config/jail.conf
@@ -101,6 +101,17 @@ action      = hostsdeny
 ignoreregex = for myuser from
 logpath     = /var/log/sshd.log
 
+# Here we use blackhole routes for not requiring any additional kernel support
+# to store large volumes of banned IPs
+
+[ssh-route]
+
+enabled = false
+filter = sshd
+action = route
+logpath = /var/log/sshd.log
+maxretry = 5
+
 # Here we use a combination of Netfilter/Iptables and IPsets
 # for storing large volumes of banned IPs
 #