Does anybody know how this works?
(I see there is a table for it, but it does not seem to work) Maybe it needs to be activated somehow? But how? Maybe a specific rule?
I know, there was already a question about this, but there have been no answers which really answer this question (even thoug there was a discussion - search "sshlockout").
So, I'll try again… maybe this time somebody writes who knows how this works.
PS: The intention of sshlockout is to blacklist so-called dictionary attacks. This means if somebody tries to login to your pFsense box or some other machine behind the pfSense box using ssh and does a certain amount of wrong attempts he gets blacklisted for some time. This is a good thing... but right now it is not active (current snapshot).
I htink it will work the same way as BFD for APF, something like it.