Sshguard

sshguard is an intrusion prevention system. sshguard parses server logs, determines malicious activity, and then bans malicious users via firewall rules. sshguard is written in C so it does not tax an interprator.

Emerge
Install :

Configuration
sshguard does not have a configuration file. sshguard is controlled by flags passed to it upon execution.

is where flags & log path can be passed to the sshguard service.

Logs
sshguard will fail to start unless it has proper authorization logs to monitor.

IP v4
Generate blank iptables rules, and start iptables as outlined here.

Insert these rules to allow sshguard to ban malicious users.

&& to block all trafic from offenders

OpenRC
To start sshguard immediately:

To start sshguard upon reboot: