Banning with iptables

John jpoz at quickscribble.com
Tue Aug 24 12:07:18 EDT 2004


Since I've read that MOHAA:SH doesn't do a great job of banning people based
on IP addresses (and I'm not yet using a third-party admin app), I decided
to block the "bad" IPs using locally installed iptables.

I'm sure many here already know how to do this, but maybe this will help
someone.

I built several rules in iptables allowing MOHAA:SH to do its thing. But I
wanted to dynamically create DROP rules to block any banned IP. I built a
separate file of the IPs in question (one per line). Then I put the
following in my iptables script (above the MOHAA:SH rules):

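# Append one DROP rule per banned source address listed in /root/ban_list.
# $IPTABLES and $NIC are set earlier in the same iptables script.
for i in $(cat /root/ban_list)
do
    $IPTABLES -A INPUT -s "$i" -i eth0 -d "$NIC" -j DROP
done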

-- -- -- --

Here is my test 'ban_list':
192.168.0.1
222.33.222.11
10.0.0.3
25.67.44.62

-- -- -- --

This will build:
DROP       all  --  192.168.0.1      10.10.10.160
DROP       all  --  222.33.222.11    10.10.10.160
DROP       all  --  10.0.0.3         10.10.10.160
DROP       all  --  25.67.44.62      10.10.10.160
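
Added example (not part of the original post): a variant of the loop above that checks each ban-list entry before it reaches iptables, since -s also accepts hostnames and an entry starting with "-" would be read as an option, and that loads the rules into a dedicated chain so reloading the list never stacks duplicates. The chain name BANNED and the function names valid_ipv4 and ban_rules are assumptions, as is the one-plain-IPv4-address-per-line format; the script prints the commands instead of running them.

```shell
#!/bin/sh
# Added example, not from the original post. BANCHAIN, valid_ipv4 and
# ban_rules are names invented for this sketch.
BANCHAIN=BANNED

# Succeed only for a dotted-quad IPv4 address with every octet in 0-255.
# This keeps hostnames and option-like strings out of the iptables call.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print (do not run) the commands for ban list $1 and destination IP $2.
ban_rules() {
    # Create the chain, or empty it if it already exists, so a reload
    # never stacks duplicate rules.
    echo "iptables -N $BANCHAIN 2>/dev/null || iptables -F $BANCHAIN"
    # Strip comments and whitespace, then drop duplicate lines.
    sed -e 's/#.*//' -e 's/[[:space:]]//g' "$1" | sort -u |
    while read -r ip; do
        [ -n "$ip" ] || continue
        if valid_ipv4 "$ip"; then
            echo "iptables -A $BANCHAIN -s $ip -j DROP"
        else
            echo "skipping invalid entry: $ip" >&2
        fi
    done
    # Jump from the top of INPUT, ahead of the game server's ACCEPT rules.
    echo "iptables -C INPUT -i eth0 -d $2 -j $BANCHAIN 2>/dev/null ||" \
         "iptables -I INPUT -i eth0 -d $2 -j $BANCHAIN"
}

# Constructed sample: the post's test addresses plus a duplicate, a
# commented line and two entries that must be rejected.
sample=$(mktemp)
printf '%s\n' 192.168.0.1 222.33.222.11 '10.0.0.3  # repeat offender' \
    25.67.44.62 10.0.0.3 300.1.1.1 '-j ACCEPT' > "$sample"
ban_rules "$sample" 10.10.10.160
rm -f "$sample"
```

Review the printed commands, then pipe them to sh as root to apply them; rejected entries are reported on stderr.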




