The easiest and most efficient way I know is to use ipset (see man ipset).
Create a set for the type and options you want (default mask, counters, timeout, etc.), for example..
Code:
ipset create banned hash:ip netmask 24 counters timeout 3600
Then add the IP addresses (you can add more at any time)...
Code:
ipset add banned 41.191.224.5
...
Then in your iptables rules, add the rule to DROP all IPs found in the set...
Code:
iptables -A INPUT -m set --match-set banned src -j DROP
The size in memory for most set types is very efficient, as little as one bit per IP in a range, hashed lookup is fast.
You can easily save the list to a file and initialize the set at boot.