{
    my $abtries = ${'sshd'}{'AutoBlockTries'} || "4";
    my $abtime = ${'sshd'}{'AutoBlockTime'} || "900";

    $OUT .=<<"EOF";

    /sbin/iptables --replace SSH_Autoblock 2 -m recent --rcheck --rttl \\
	--seconds $abtime --hitcount $abtries --name SSH -j denylog
    # Clear SSH_Autoblock site history too
    echo / > /proc/net/xt_recent/SSH
EOF
}
