How do I block specific incoming ip address?

Following iptable rule will drop incoming connection from host/IP 202.54.20.22:

#iptables -A INPUT -s 202.54.20.22 -j DROP

# iptables -A OUTPUT -d 202.54.20.22 -j DROP

A simple shell script to block lots of IP address

If you have lots of IP address use the following shell script:

A) Create a text file:

# vi /root/ip.blocked
Now append IP address:

# Ip address block  file
202.54.20.22
202.54.20.1/24
#65.66.36.87

B) Create a script as follows or add following script line to existing iptables shell script:

BLOCKDB=”/root/ip.blocked”
IPS=$(grep -Ev "^#" $BLOCKDB)
for i in $IPS
do
iptables -A INPUT -s $i -j DROP
iptables -A OUTPUT -d $i -j DROP
done

C) Save and close the file.