Sunday, July 22, 2007

DenyHosts jail sharing rocks

DenyHosts (http://Denyhosts.sf.net) rocks. On FreeBSD it is also in the ports collection:

/usr/ports/security/denyhosts/ (just do make install clean)

It is easy to use in a multi-jail environment: make one jail the DenyHosts master, with all jails on the same partition(!).

The jail disk is /jaildisk1; the deny file of the FreeBSD DenyHosts install is /jaildisk1/henk/etc/hosts.deniedssh.

cd to /jaildisk, then hard-link the file into the other jail:

ln /jaildisk1/henk/etc/hosts.deniedssh /jaildisk1/user2/etc/hosts.deniedssh

Then, of course, edit /etc/hosts.allow, adding the entry

sshd : /etc/hosts.deniedssh : deny

somewhere near the top.

Note: hard links only work on the same slice, in this example /jaildisk1.
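
The two steps above can be checked with a small script. This is an added example, not part of the original post: the function names link_denyfile and rule_is_effective are made up for illustration, and the jail roots are passed as arguments (for the layout above: link_denyfile /jaildisk1/henk /jaildisk1/user2).

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
DENYFILE=etc/hosts.deniedssh

# link_denyfile MASTER_JAIL TARGET_JAIL...
# Hard-link the master's deny file into each target jail and confirm that
# both names refer to the same inode (-ef compares device and inode).
link_denyfile() {
    master="$1/$DENYFILE"; shift
    [ -f "$master" ] || { echo "no master file: $master" >&2; return 2; }
    rc=0
    for jail in "$@"; do
        target="$jail/$DENYFILE"
        if [ "$target" -ef "$master" ]; then
            echo "ok: $target"
        elif ln -f "$master" "$target" 2>/dev/null &&
             [ "$target" -ef "$master" ]; then
            # ln -f also replaces a stale private copy in the target jail
            echo "linked: $target"
        else
            # ln fails across slices/file systems, as the note above says
            echo "FAILED: $target" >&2
            rc=1
        fi
    done
    return "$rc"
}

# rule_is_effective JAIL
# hosts.allow is evaluated top-down and the first matching line wins, so the
# sshd deny rule must come before any catch-all "ALL : ALL : allow" line.
rule_is_effective() {
    awk '
        /^[ \t]*#/ { next }
        /^sshd[ \t]*:[ \t]*\/etc\/hosts[.]deniedssh[ \t]*:[ \t]*deny/ { found = 1; exit }
        /^ALL[ \t]*:[ \t]*ALL[ \t]*:[ \t]*allow/ { exit }
        END { exit(found ? 0 : 1) }
    ' "$1/etc/hosts.allow"
}
```

Re-running link_denyfile is also a cheap health check: if anything ever replaces the master file instead of appending to it, the jails keep the old inode, and the script detects and relinks them.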