Analyzes snort alert output and blocks ip addresses using pf for a specified period of time. A passlist is specified in CIDR format to exclude local and trusted ip address from being blocked.