iptables(8) -I INPUT 1 -s <ip> -j DROP<ip> -j 
administration tool for IPv4 packet filtering and NAT
 
-I, --insert chain [rulenum] rule-specification
       Insert one or more rules in the selected chain as the given rule number.  So, if the  rule  number
       is  1,  the  rule  or rules are inserted at the head of the chain.  This is also the default if no
       rule number is specified.
 
[!] -s, --source address[/mask][,...]
       Source specification. Address can be either a network name, a hostname, a network IP address (with
       /mask),  or a plain IP address. Hostnames will be resolved once only, before the rule is submitted
       to the kernel.  Please note that specifying any name to be resolved with a remote  query  such  as
       DNS is a really bad idea.  The mask can be either a network mask or a plain number, specifying the
       number of 1's at the left side of the  network  mask.   Thus,  a  mask  of  24  is  equivalent  to
       255.255.255.0.   A "!" argument before the address specification inverts the sense of the address.
       The flag --src is an alias for this option.  Multiple addresses can be specified,  but  this  will
       expand  to  multiple rules (when adding with -A), or will cause multiple rules to be deleted (with
       -D).
 
Before a command is executed, its input and output may be redirected using a special notation interpreted
by  the  shell.   Redirection  may  also  be used to open and close files for the current shell execution
environment.  The following redirection operators may precede or appear anywhere within a simple  command
or may follow a command.  Redirections are processed in the order they appear, from left to right.

Redirecting Input
    Redirection  of  input  causes  the  file  whose name results from the expansion of word to be opened for
    reading on file descriptor n, or the standard input (file descriptor 0) if n is not specified.

    The general format for redirecting input is:

           [n]<word
 
Before a command is executed, its input and output may be redirected using a special notation interpreted
by  the  shell.   Redirection  may  also  be used to open and close files for the current shell execution
environment.  The following redirection operators may precede or appear anywhere within a simple  command
or may follow a command.  Redirections are processed in the order they appear, from left to right.

Redirecting Output
    Redirection of output causes the file whose name results from the expansion of  word  to  be  opened  for
    writing  on  file descriptor n, or the standard output (file descriptor 1) if n is not specified.  If the
    file does not exist it is created; if it does exist it is truncated to zero size.

    The general format for redirecting output is:

           [n]>word

    If the redirection operator is >, and the noclobber option to the  set  builtin  has  been  enabled,  the
    redirection  will  fail if the file whose name results from the expansion of word exists and is a regular
    file.  If the redirection operator is >|, or the redirection operator is > and the  noclobber  option  to
    the  set  builtin  command  is  not  enabled, the redirection is attempted even if the file named by word
    exists.
source manpages: iptables