Send repeat (fail2ban) offenders to hosts.deny

I'm using fail2ban to keep the bandits off my server. It's great!
But there are so many bots that just keep poking at the server that I want to permanently ban them after a few repeated attempts.

Other solutions on the web involve additional fail2ban jail actions that add the offending IPs to the existing list of iptables rules. I am trying a simpler solution:

  • Parse through the fail2ban logs,
  • get the repeatedly banned IPs, and
  • append them to /etc/hosts.deny.

I will try the following script first, and see if it takes. If it's effective, I'll just add it to a crontab.

# Count the "Ban" lines per IP in the fail2ban log (the field numbers assume the
# "date time fail2ban.actions [pid]: LEVEL [jail] Ban <ip>" layout), keep the
# IPs banned more than twice, and add each one to hosts.deny unless an
# identical "ALL: <ip>" line is already there.
for addr in $(sort -k 8,8 /var/log/fail2ban.log | \
  awk '$3 ~ "fail2ban.actions" && $7 == "Ban" { print $8 }' | \
  uniq -c | \
  awk '$1 > 2 {print $2}')
do
  # -x matches the whole line and -F takes the dots literally, so 10.0.0.1 is
  # not mistaken for an existing 10.0.0.10 entry and nothing is added twice
  grep -qxF "ALL: $addr" /etc/hosts.deny || echo "ALL: $addr" >> /etc/hosts.deny
done
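The same three steps as a stand-alone script run against constructed log lines (an added example, not the post's own script): the function names, the temporary file paths, the threshold argument and the sample addresses are assumptions for the demonstration, and the awk field numbers assume the fail2ban 0.9+ log layout the post's script relies on.

```shell
#!/bin/sh
# Added example, not the post's script: add "ALL: <ip>" to a hosts.deny-style
# file for every IP with more than THRESHOLD "Ban" lines in a fail2ban log.
# Field numbers assume the fail2ban 0.9+ layout the post's awk relies on:
#   date time fail2ban.actions [pid]: LEVEL [jail] Ban|Unban <ip>
repeat_offenders() { # usage: repeat_offenders LOGFILE THRESHOLD
    awk '$3 ~ "fail2ban.actions" && $7 == "Ban" { print $8 }' "$1" |
        sort | uniq -c | awk -v t="$2" '$1 > t { print $2 }'
}

deny_repeat_offenders() { # usage: deny_repeat_offenders LOGFILE DENYFILE THRESHOLD
    [ -f "$2" ] || : > "$2"
    for addr in $(repeat_offenders "$1" "$3"); do
        # -x matches the whole line and -F takes dots literally, so 10.0.0.1 is
        # not hidden by an existing 10.0.0.10 entry and re-runs add nothing twice
        grep -qxF "ALL: $addr" "$2" || printf 'ALL: %s\n' "$addr" >> "$2"
    done
}

# Constructed sample log (documentation/private addresses, not real traffic):
# 10.0.0.1 banned 3x; 192.0.2.7 banned 2x plus an Unban; 198.51.100.5 banned
# 3x plus a filter "Found" line that must not count.
make_sample_log() { # usage: make_sample_log FILE
cat > "$1" <<'EOF'
2024-05-01 10:00:01,000 fail2ban.actions        [123]: NOTICE  [sshd] Ban 10.0.0.1
2024-05-01 10:10:03,000 fail2ban.actions        [123]: NOTICE  [sshd] Ban 10.0.0.1
2024-05-01 10:20:04,000 fail2ban.actions        [123]: NOTICE  [sshd] Ban 10.0.0.1
2024-05-01 10:30:06,000 fail2ban.actions        [123]: NOTICE  [sshd] Ban 192.0.2.7
2024-05-01 10:31:07,000 fail2ban.actions        [123]: NOTICE  [sshd] Unban 192.0.2.7
2024-05-01 10:40:08,000 fail2ban.actions        [123]: NOTICE  [sshd] Ban 192.0.2.7
2024-05-01 11:00:09,000 fail2ban.actions        [123]: NOTICE  [sshd] Ban 198.51.100.5
2024-05-01 11:10:10,000 fail2ban.actions        [123]: NOTICE  [sshd] Ban 198.51.100.5
2024-05-01 11:20:11,000 fail2ban.actions        [123]: NOTICE  [sshd] Ban 198.51.100.5
2024-05-01 11:21:12,000 fail2ban.filter         [123]: INFO    [sshd] Found 198.51.100.5
EOF
}

# Stand-alone demo on temporary files; a pre-existing 10.0.0.10 entry is the
# case an unanchored grep would get wrong.
demo() {
    d=$(mktemp -d)
    make_sample_log "$d/fail2ban.log"
    printf 'ALL: 10.0.0.10\n' > "$d/hosts.deny"
    deny_repeat_offenders "$d/fail2ban.log" "$d/hosts.deny" 2
    deny_repeat_offenders "$d/fail2ban.log" "$d/hosts.deny" 2 # second run adds nothing
    cat "$d/hosts.deny" # ALL: 10.0.0.10 / ALL: 10.0.0.1 / ALL: 198.51.100.5
    rm -r "$d"
}
demo
```

hosts.deny is consulted only by services linked against TCP wrappers (libwrap), so confirm that sshd on the host honours it before relying on this; it does not touch the iptables rules fail2ban itself manages.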
