Ali Basel's Tracker SNMP through the SNMP-Interface-down plugin
...and more to come...
SnortSam itself consists of two pieces -- the output plugin within Snort™ and an intelligent agent that runs on the firewall, or a host near the firewall. The agent provides a variety of capabilities that go beyond other automated blocking mechanisms, such as:
White-list support of IP addresses that will never be blocked.
Maximum block time ceiling as well as minimum block time definition for reporting entities.
Flexible, per-rule blocking specification, including rule-dependent blocking time interval.
A SID filter list of allowed or denied SIDs based on reporting entity.
Misuse/Attack detection engine (including roll-back support) that attempts to mitigate the risk of a self-inflicted Denial-Of-Service in the IDS-Firewall integration.
Repetitive (same IP) block prevention with customizable window to improve performance.
True OPSEC support using the Check Point SDK (opsec plugin).
Block tracking and block expiration for firewalls that don't support timeouts.
Multi-threading for faster processing and simultaneous blocking on multiple devices.
File logging and email notification of events.
... and finally, using the client/server (snort/snortsam) architecture to build large, distributed response networks in a very scalable fashion.
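As an added illustration (not SnortSam's own code), the following Python model shows how the safeguards listed above fit together on the agent side: white-list, minimum/maximum block time, repeat-block suppression, block expiration, and roll-back when block requests arrive suspiciously fast. The class, its parameter names and all addresses and thresholds are hypothetical and constructed for this example.

```python
import ipaddress
from collections import deque

class BlockAgent:
    """Model of the safeguards listed above; all names and defaults are hypothetical."""
    def __init__(self, whitelist, min_secs, max_secs, skip_window, flood_limit, flood_window):
        self.whitelist = [ipaddress.ip_network(n) for n in whitelist]
        self.min_secs, self.max_secs = min_secs, max_secs
        self.skip_window = skip_window            # repeat-block suppression window (s)
        self.flood_limit, self.flood_window = flood_limit, flood_window
        self.active = {}       # ip -> expiry time of the block
        self.last_seen = {}    # ip -> time of the last accepted request
        self.recent = deque()  # (time, ip) of recently applied blocks

    def expire(self, now):
        """Lift blocks whose time is up (for firewalls without native timeouts)."""
        done = [ip for ip, t in self.active.items() if t <= now]
        for ip in done:
            del self.active[ip]
        return done

    def request(self, ip, secs, now):
        """Return (decision, detail) for one block request from a sensor."""
        self.expire(now)
        addr = ipaddress.ip_address(ip)
        if any(addr in net for net in self.whitelist):
            return ("ignored", "whitelisted")
        if ip in self.last_seen and now - self.last_seen[ip] < self.skip_window:
            return ("ignored", "repeat within window")
        self.last_seen[ip] = now
        secs = max(self.min_secs, min(secs, self.max_secs))  # clamp to floor/ceiling
        self.active[ip] = now + secs
        self.recent.append((now, ip))
        while self.recent and now - self.recent[0][0] > self.flood_window:
            self.recent.popleft()
        if len(self.recent) > self.flood_limit:
            # Too many blocks in a short window: treat it as misuse of the
            # IDS-firewall link and undo the recent blocks (roll-back).
            rolled = [r_ip for _, r_ip in self.recent]
            for r_ip in rolled:
                self.active.pop(r_ip, None)
            self.recent.clear()
            return ("rolled_back", rolled)
        return ("blocked", secs)

if __name__ == "__main__":
    agent = BlockAgent(["10.0.0.0/8"], 60, 3600, 10, 3, 5)  # constructed values
    for t, ip, secs in [(0, "10.1.2.3", 300), (1, "203.0.113.5", 5), (2, "203.0.113.5", 5)]:
        print(t, ip, agent.request(ip, secs, now=t))
```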
SnortSam is open-source software, free of charge. It can be compiled under any platform and should function across different platforms (please let me know if you encounter any problems), and can be obtained through web download, FTP download, or CVS access. Links are provided in the download section.