How to prevent and block repeated failed connections to ssh with iptables

The following iptables rules will prevent and block repeated failed connections, but not permanently. They allow two new connections every 60 seconds. This is an effective way of blocking the automated attacks you will see mostly from Chinese ISPs.


iptables -A INPUT -p tcp -m tcp -m state -m recent ! -s 10.0.0.0/24 -i eth0 --dport 22 --state NEW --set --name DEFAULT --rsource
iptables -A INPUT -p tcp -m tcp -m state -m recent ! -s 10.0.0.0/24 -i eth0 --dport 22 --state NEW -j DROP --update --seconds 60 --hitcount 2 --name DEFAULT --rsource
iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
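To see what those three rules do to a stream of connection attempts before putting them on a live box, here is a small Python model of the xt_recent --set / --update --seconds --hitcount logic (an added example, not code from the original post). The addresses and timings in SAMPLE are constructed; the 20-entry ring per source mirrors the module's default ip_pkt_list_tot.

```python
import ipaddress
from collections import deque

# Parameters taken from the rules above.
WHITELIST = ipaddress.ip_network("10.0.0.0/24")  # '! -s 10.0.0.0/24' exempts this net
SECONDS = 60     # --seconds 60
HITCOUNT = 2     # --hitcount 2
LIST_TOT = 20    # xt_recent default ip_pkt_list_tot: timestamps kept per source

class RecentList:
    # One xt_recent list (--name DEFAULT --rsource): per-source ring of packet timestamps.
    def __init__(self):
        self.stamps = {}

    def set(self, src, now):
        # --set: add the source (or refresh it) and record this packet's time.
        self.stamps.setdefault(src, deque(maxlen=LIST_TOT)).append(now)

    def update(self, src, now):
        # --update --seconds S --hitcount N: match when N or more packets from
        # src fall inside the last S seconds; a match also records this packet.
        stamps = self.stamps.get(src)
        if stamps is None:
            return False
        if sum(1 for t in stamps if now - t <= SECONDS) >= HITCOUNT:
            stamps.append(now)
            return True
        return False

def filter_new_ssh(attempts):
    # Run (seconds, source_ip) NEW SSH attempts through the three rules; one verdict each.
    recent = RecentList()
    verdicts = []
    for now, src in attempts:
        if ipaddress.ip_address(src) not in WHITELIST:
            recent.set(src, now)            # rule 1: matches everything, no target
            if recent.update(src, now):     # rule 2: -j DROP on a match
                verdicts.append("DROP")
                continue
        verdicts.append("ACCEPT")           # rule 3: whatever is left is accepted
    return verdicts

# Constructed sample: a scanner retrying every 20 s, an admin connecting twice
# 100 s apart, and a LAN host exempted by the whitelist.
SAMPLE = [(0, "198.51.100.7"), (0, "203.0.113.5"), (20, "198.51.100.7"),
          (40, "198.51.100.7"), (61, "10.0.0.9"), (62, "10.0.0.9"),
          (100, "203.0.113.5"), (130, "198.51.100.7")]

if __name__ == "__main__":
    for (t, src), verdict in zip(SAMPLE, filter_new_ssh(SAMPLE)):
        print(f"t={t:3d}s {src:14s} {verdict}")
```

Running it shows the scanner's second and third attempts dropped, the same source accepted again once it has been quiet for more than 60 seconds, and the LAN host never rate-limited.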
