{
    my $sshd_autoblock = ${'sshd'}{'AutoBlock'} || "disabled";
    my $sshd_public = ${'sshd'}{'access'} || "private";
    my $sshd_port = ${'sshd'}{'TCPPort'} || "22";

    if ($sshd_autoblock eq "enabled" && $sshd_public eq "public" ) {
	$OUT  = "    # SSH autoblock enabled - send new SSH connects through recent IPs filter\n";
	$OUT .= "    /sbin/iptables --append \$NEW_InboundTCP --proto tcp --dport $sshd_port \\\n";
	$OUT .= "        -m state --state NEW -j SSH_Autoblock\n"
    } else {
	$OUT  = "    # SSH autoblock disabled or sshd access is private\n";
    }
}
