Bro can be used to send the IPs of scanning or attacking hosts to your router, so that the router can drop these hosts.
Since every router does this differently, you will need to write a script that works for your router.
To active your custom drop script, add this to your hostname.bro file:
@load scan redef can_drop_connectivity = T; redef drop_connectivity_script = "my_drop_script";
At LBL we use a program called acld to update the ACLs in our boarder routers on the fly. This code is available at: ftp://ftp.ee.lbl.gov/acld.tar.gz