List ban

cd /tmp/
cat /var/log/messages | grep "IP DROP" | awk '{print  $12 "    " $8}'| sed 's/SRC=//' |  sort |  uniq -c | sort -rn |  awk '{print  $2}' |  awk 'NR < 20' >> topSneefer.auto

cat topSneefer.auto >> topSneefer.list

cat topSneefer.list |  awk '{print  "ipset add ban " $0}'  >> ipset.list

получится список по типу 

ipset add ban 1.0.0.0/8

install Ipset

yum install ipset

Creat list
ipset create ban hash:net

Show ipset list
 ipset -L

Edit rule Iptables in conf script
$IPT -I FORWARD -m set --match-set ban src -j DROP

Run conf script
 /tmp/iptables-start.sh

Check rules Iptables
iptables -n -L -v --line-numbers


Very needed command
 less /var/log/messages | grep "IP DROP"  | grep "Jun 2" | awk '{print  $12 "    " $8}'| sed 's/SRC=//' |  sort |  uniq -c | sort -rn | awk 'NR < 20' |awk '{print  "ipset add ban " $2}'

 less /var/log/messages | grep "IP DROP"  | grep "Jul  \|Jun " | awk '{print  $12 "    " $8}'| sed 's/SRC=//' |  sort |  uniq -c | sort -rn | awk 'NR < 20' |awk '{print $1 "    "  "ipset add ban " $2 "/24"}'