Extend libblacklist support with new action types


Extend libblacklist support with new action types

The original blacklist library supported two notification types:

  • failed auth attempt, which incremented the failed login count by one for the remote address
  • successful auth attempt, which reset the failed login count to zero for that remote address

When the failed login count reached the limit in the configuration
file, the remote address would be blocked by a packet filter.

This patch implements a new notification type, "abusive behavior",
and accepts, but does not act on an additional type, "bad username".
It is envisioned that a system administrator will configure a small
list of "known bad usernames" that should be blocked immediately.

Reviewed by: emaste
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D10604