Anyone know the answer to this conundrum? I have set up pam_shield to allow my IP; when I test it by generating 5 bad logins (threshold is 5 per 10m), I see pam_shield print 'allowing from <my ip>/255.255.255.255' in the logs; and yet after 5 login attempts it blocks my ip. -- "We will need a longer wall when the revolution comes." --- AJS, quoting an uncertain source.