Block Incoming IP Using dd-wrt (iptables)

While reviewing logs on the email server I noticed 112.121.136.26 trying to authenticate via SASL.
This is not a normal IP that would be relaying email through the server, so I decided to block it at the firewall.
Undoubtedly, someone was trying to relay spam, whether they were aware or not.

First, I logged into my firewall via ssh to get a rule in place immediately:

iptables -I CHAIN -s 112.121.136.26 -j DROP

Listing the rules:

iptables -L --line-number

1 DROP 0 — ppp-112.121.136.26.revip.proen.co.th anywhere

Shows the new rule at the top of the chain. Exactly where I need it.

Now I have to make sure this rule survives rebooting the firewall.
To do this, I used the web interface and added a command to Administration >> Commands.

iptables -I CHAIN -s 112.121.136.26 -j DROP
Clicked the “Save Firewall” button.

I went ahead and rebooted to confirm the new rule was loaded at startup.
No more auth attempts from that IP.

NOTE 1: This method will drop ALL TRAFFIC from the listed IP. Play for keeps.
NOTE 2: If this is your IP, you need to check yo’ self before you wreck yo’ self…

Ongoing Additions:
High Frequency POP3 attempts (multiple a second):
iptables -I CHAIN -s 67.136.48.186 -j DROP
67.136.48.186