Wednesday, September 07, 2011

How to block/blackhole all Chinese subnets on port 22 (sshd)


  1. Get a list of subnets like so: $ wget http://www.okean.com/chinacidr.txt
  2. Execute this command (one REJECT rule is inserted per subnet in the list):
     $ for i in `grep -v "^#" chinacidr.txt | cut -f1 -d' '`; do sudo ~/scripts/blackhole-port22.sh "$i"; done

... where ...

$ cat ~/scripts/blackhole-port22.sh

#!/bin/sh
# Usage: blackhole-port22.sh <CIDR>   e.g. blackhole-port22.sh 1.2.3.0/24
set -eu                       # abort on a missing argument instead of inserting an empty -s
hole="$1"
# -I puts the rule at the top of INPUT so it wins over any earlier ACCEPT for port 22
sudo /sbin/iptables -v -t filter -I INPUT -p tcp --dport 22 -s "$hole" -j REJECT

... maybe someday the Chinese will stop attempting brute force attacks against sshd. LOL!
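The same idea as an added example, not the post's own script: it validates the entries of a chinacidr.txt-style list and emits an iptables-restore fragment that keeps every REJECT in one dedicated chain with a single jump from INPUT for tcp/22, so reloading the list is one chain flush rather than thousands of separate inserts at the top of INPUT. The chain name and the sample addresses are assumptions.

```shell
#!/bin/sh
# Added example (not the post's script): build one dedicated chain from a
# chinacidr.txt-style list instead of inserting one rule per subnet into INPUT.

# Constructed sample in the same "CIDR [comment]" layout as chinacidr.txt;
# the addresses are made-up test values, not entries from the real list.
sample_list() {
    cat <<'EOF'
# comment lines are skipped
1.0.1.0/24 CN
1.0.2.0/23 CN
not-a-cidr junk
10.0.0.0/99 bad-prefix
EOF
}

# Keep only syntactically valid IPv4 CIDRs (a.b.c.d/0-32); drop comments,
# CR line endings, blank lines and malformed entries so one bad line
# cannot abort the whole load.
valid_cidrs() {
    tr -d '\r' | grep -v '^#' | cut -f1 -d' ' | awk -F'[./]' '
        NF == 5 && $1 <= 255 && $2 <= 255 && $3 <= 255 && $4 <= 255 &&
        $5 >= 0 && $5 <= 32 { print }'
}

# Emit an iptables-restore fragment: a user chain (name is an assumption)
# holding every REJECT, plus a single jump from INPUT for tcp/22. Reloading
# the list is then one flush of that chain, not thousands of deletes.
emit_ruleset() {
    chain="${1:-BLACKHOLE22}"
    printf '*filter\n'
    printf '%s\n' ":$chain - [0:0]"
    printf '%s\n' "-I INPUT -p tcp --dport 22 -j $chain"
    valid_cidrs | while read -r cidr; do
        printf '%s\n' "-A $chain -s $cidr -j REJECT"
    done
    printf 'COMMIT\n'
}

# Number of REJECT rules the sample list produces (used by the self-check).
count_sample_rules() {
    sample_list | valid_cidrs | wc -l | tr -d ' '
}

# Stand-alone run: print the ruleset for the constructed sample list.
sample_list | emit_ruleset
```

For the real list replace `sample_list` with `cat chinacidr.txt` and pipe the output into `iptables-restore --noflush` so the existing filter table is kept.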


