iptables inside container doesn't work - NET_ADMIN also didn't help

0

Hi Folks,
I have a container with fail2ban on it. On my development computer when I add this to docker-compose:
Code:

    cap_add:
     - NET_ADMIN
     - NET_RAW

I can see rules are added to iptables both inside container and outside it and it works properly. When I try the same configuration on EC2 instance, i can see those rules inside container, but not on the host system. What's wrong?
Thanks in advance.

aario
asked 4 years ago136 views
1 Answer
0

Decided to give up with the idea and as the alternative, mount log files of the container into equivalent place on the host system. So a standard fail2ban installation would read those log files and set the host system IP tables accordingly. This worked well.

aario
answered 4 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions