Block IP Addresses based on login or access failure information in system logs. Updates a hosts blockfile (such as hosts.allow) automatically, to block IP addresses. Will also expire previously blocked addresses based on age of last failed login attempt, this keeps the blockfile size manageable. In addition to TCP_WRAPPERS, can also execute iptables or ip route commands to block all TCP/IP network input from an IP address, so all services, even those that do not run under libwrap TCP_WRAPPERS, can be protected. Facilities for whitelists and blacklists, and email notification on major events are also available.