$ ipset create ssh22 hash:ip timeout 86400-------------------*filter:I

1. $ ipset create ssh22 hash:ip timeout 86400
2.  
3. -------------------
4.  
5. *filter
6. :INPUT ACCEPT [1960:479663]
7. :FORWARD ACCEPT [0:0]
8. :OUTPUT ACCEPT [2218:607501]
9. :SSH - [0:0]
10. :SSH22 - [0:0]
11. -A SSH -p tcp -m tcp --dport 987 -m state --state NEW -m recent --set --name ssh --mask 255.255.255.255 --rsource
12. -A SSH -m recent --update --seconds 300 --reap --hitcount 4 --name ssh --mask 255.255.255.255 --rsource -j DROP
13. -A SSH22 -p tcp --dport 22 -m state --state NEW -j SET --add-set ssh22 src
14. -A SSH22 -m set --match-set ssh22 src -j LOG --log-prefix "[SSH22] "
15. -A SSH22 -m set --match-set ssh22 src -j DROP
16. COMMIT
17.  
18. -------------------
19.  
20. $ ipset list
21. Name: ssh22
22. Type: hash:ip
23. Revision: 4
24. Header: family inet hashsize 1024 maxelem 65536 timeout 86400
25. Size in memory: 200
26. References: 3
27. Number of entries: 0
28. Members: