Add following to your /etc/pf.conf
# if re0 is your card
$ext_if="re0"
# this goes in the top
table <bad_guys> persist
...
block in quick on $ext_if from <bad_guys> to any
Add following to your /etc/syslog.conf
auth.info;authpriv.info |/root/auth_checker.pl
(assuming that auth_checker.pl is in /root directory)
