[CentOS] issue with fail2ban letting IP's through

Mon May 16 18:16:07 UTC 2011
David Mehler <dave.mehler at gmail.com>

I'm using fail2ban to block bots in conjunction with existing iptables
rules. Here's a few rules from my iptables configuration:

# Set up a temporary pass rule so we don't lock ourselves out when
#doing remote ssh
iptables -P INPUT ACCEPT

# flush the current rules
iptables -F

# Allow SSH connections on tcp port 22
iptables -A INPUT -p tcp --dport 22 -j ACCEPT

# Set default policies for INPUT, FORWARD and OUTPUT chains
iptables -P INPUT DROP
iptables -P FORWARD DROP

iptables -A INPUT -s -j DROP

This morning the ssh fail2ban jail blocked this:

and the email sent gave me this ip range:
inetnum: -

That shouldn't have even been seen it should have been blocked by the
202/8 drop rule before fail2ban even saw it. Is that not so?

Suggestions welcome.