This might sound like a bit of a strange question, but I've just taken a sample of over 80 IPs which have failed SSH authentication, and I've mapped them using an online mapping tool.
All of them came from China / Korea... my question is how can I block a range of IPs which would stop these countries being allowed to make SSH requests to my machine, as it's just filling up my logs and wasting traffic.
I'm using shorewall as my firewall if that helps.
To solve this issue people usually implement tools like
sshguardorfail2ban.Find sshguard at: http://www.sshguard.net/
Find fail2ban at: http://www.fail2ban.org/wiki/index.php/Main_Page
Use geoip. Xtables is your friend.
A generic solution for bruteforce denials is denyhosts. Check it out at http://denyhosts.sourceforge.net/
This will block any IP after a configured count of failed login attempts. It also works for FTP daemons and every other tool that comes with tcp wrapper support.