hello guys
good time

I want to if everyone try to connect ssh in 5 times, my router deny his/her src address !
how to detect failed and wrong password connection 5 times in 1 minute ?

have you seen

You made SSH available to public?

Close SSH to public and use VPN

Yes possible, using 'dst-limit' on the 'new' connection state in ip firewall filter or an old, long way is to create staged address-lists with short timeoutes.

Management stuff - as rextended suggested, is much better over VPN with maybe some kind of port-knock system to get in - in those rare instances VPN is not available (some carrier NAT or hotspot systems may block it)