If you know the IP block you're trying to prevent from accessing your system(s), why let them log in in the first place? You may want to consider not allowing the log in when it's from the IP blocks that you're sensitive to....
What we do is every month we pick up the IP block allocations from the appropriate regional NIC, then parse the file into a more useable format. We have a daemon process that loads the file and holds it in memory. Our applications send messages to the daemon; the 'request' comprises the IP address and the reply is the two-letter country code that the IP is allocated to.
Here are the ftp addresses for the various regional NICs:
North America: ftp.arin.net/pub/stats/arin/delegated-arin-latest
Asia Pacific: ftp.apnic.net/public/apnic/stats/delegated-apnic-latest
Latin America: ftp.lacnic.net/pub/stats/lacnic/delegated-lacnic-latest
Records are delimited with vertical pipes (the '|' symbol).
The first record is a timestamp. The next two (or three) identify the kinds of data in the file (asn are Autonomous System Numbers, ipv4 and ipv6 are self-explanatory). Then comes the meaningful stuff.....
The third field of each record identifies the type of data. You probably don't care about the 'asn' records (unless you want to filter in your gateway routers). The ipv4 and ipv6 records look like this (this is data from afrinic):
The first field identifies afrinic as the source. The second field indicates that this allocation is for Egypt. The third field indicates that it's a Version 4 IP Address. The fourth field tells you the start of the block and the fifth field tells you how many IP Addresses are in the block. Next comes the date in YYYYMMDD format that the block was allocated. And finally, the last field is either 'assigned' or 'allocated' to indicate the status; we treat both equally.
So the example above means that IP Addresses 126.96.36.199 through 188.8.131.52 (that's 4096 IP addresses) were allocated to Egypt on 25-Sep-2000.
It isn't trivial, but it's pretty straightforward.... Hope that helps.