So how do we add a rule that DROP's all packets from evil haxxor Nisse?
We've determined that Nisse has ipaddress 192.168.45.3

iptables -t filter -A INPUT -s 192.168.45.3 -j DROP
iptables
program used to modify iptables rules
-t filter
-t specifies which table we want to modify
filter is the default table if not specified
-A INPUT
-A is used to add a rule to the end of a chain
INPUT is the chain we want to add a rule to.
-s 192.168.45.3
sourceaddress we want to match
-j DROP
-j specifies the action we want performed if this rule matches
DROP is the action and it just drops the packet to the floor