Is there any way to block this IP? We are receiving several attempts, we have already identified the user through the SLNet log, but he has a different IP (MAC machine). We have already deleted the user and recreated it but it continues to appear in information events.
One possibility to really block an IP address could be to create a custom firewall rule where the remote IP gets blocked.
But of course IP addresses can change, so if that computer changes IP then it's not blocked anymore, or even worse, when another valid computer takes that IP then they are not able to log in anymore and that one will be very hard to debug in many years from now when everybody forgot about that custom firewall rule that is still active...
Perhaps a new feature request can be added here to avoid generating information messages about failed authentications?