iptables inside container doesn't work - NET_ADMIN also didn't help

0

Hi Folks,
I have a container with fail2ban on it. On my development computer when I add this to docker-compose:
Code:

    cap_add:
      - NET_ADMIN
      - NET_RAW

I can see rules are added to iptables both inside the container and outside it, and it works properly. When I try the same configuration on an EC2 instance, I can see those rules inside the container, but not on the host system. What's wrong?
Thanks in advance.

aario
Asked 5 years ago · 645 views
1 Answer
0

Decided to give up on the idea and, as an alternative, mount the log files of the container into the equivalent place on the host system. So a standard fail2ban installation would read those log files and set the host system's iptables accordingly. This worked well.

aario
Answered 5 years ago
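
The workaround described in the answer, sketched as an added example (not the poster's actual configuration): the container only writes logs to a bind-mounted directory, and fail2ban on the host reads them. The service name, image, port, paths and the `app-auth` filter are hypothetical; the `DOCKER-USER` chain setting assumes the service is reached through a published Docker port.

```yaml
# docker-compose.yml (added example; service name, image and paths are hypothetical)
services:
  app:
    image: example/app:latest          # placeholder image
    ports:
      - "8080:8080"
    volumes:
      # Bind-mount the container's log directory to the equivalent host path,
      # so fail2ban on the host can read the same files.
      - /var/log/app:/var/log/app
    # No cap_add here: the container no longer manages iptables, so it does
    # not need NET_ADMIN or NET_RAW.

# Host side, /etc/fail2ban/jail.d/app.local (INI syntax, shown as comments):
#
#   [app-auth]
#   enabled  = true
#   filter   = app-auth                # hypothetical filter in filter.d/app-auth.conf
#   logpath  = /var/log/app/access.log
#   port     = 8080
#   maxretry = 5
#   findtime = 600
#   bantime  = 3600
#   # Assumption: traffic to a published container port is forwarded rather
#   # than delivered to the host's INPUT chain, so the ban is placed in the
#   # chain Docker reserves for user rules.
#   chain    = DOCKER-USER
```

The container and the host should log in the same time zone, otherwise fail2ban can treat fresh entries as older than `findtime` and ignore them.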
