ipset is used to set up, maintain and inspect so called IP sets in the Linux kernel

To create ip set called hacker_ips $ sudo ipset -N hacker_ips iphash

To add IP address to the hacker_ips ipset $ sudo ipset -A hacker_ips 172.122.150.22 $ sudo ipset -A hacker_ips 192.168.100.22

To drop all ip address stored in ipset called hacker_ips $ iptables -A INPUT -m set --set hacker_ips src -j DROP

To create ipset named my_blacklist $ sudo ipset create my_blacklist hash:ip hashsize 4096

To drop all ip address stored in ipset called my_blacklist $ sudo iptables -A INPUT -m set --set my_blacklist src -j DROP

To add IP address in ipset my_blacklist $ sudo ipset add my_blacklist 192.168.100.22 $ sudo ipset add my_blacklist 172.122.150.22 $ sudo ipset add my_blacklist 192.168.100.10/24

To make ipset persistent across reboots $ sudo ipset save > /etc/ipset.conf

To view the sets $ sudo ipset -L

To delete a set named hacker_blacklist $ sudo ipset -X hacker_blacklist

To delete all sets $ sudo ipset destroy

regards, T.Dhanasekar