Hello, this command can be used to add iptables rule for incoming connections.
It will block connections to multiple defined ports. This time port 21 and 22 (FTP and SSH)

Code:
iptables -A INPUT -p tcp -m multiport --destination-port 21,22 src -j DROP
(not sure about " src" part)

if you want to block only IPs listed in your IPset blacklist, try:

Code:
iptables -A INPUT -p tcp -m multiport --destination-port 21,22 -m set --match-set blocklist src -j DROP