将密码输入错误超过4此的IP地址通过firewalld防火墙阻止访问
#!/bin/bash
ip=(`grep Failed password" /var/log/secure | awk `{ array[$(NF-3)]++} END {for(a in array) {if(array[a]>4) print a}}')
for i in ${ip[*]}
do
firewall-cmd --add-rich-rule="rule family=ipv4 source address=$i/32 service name=ssh reject"
done