Brute-force attacks can create a lot of noise in system logs.
It could be convenient to be able to use a command to block a specific IP:
$ pfctl -t badhosts -T add $IP_TO_BLOCK
pf has the advantage to create easier to read rules than ipfilter and ipfw,
and to be still actively maintained.