iptables inside container doesn't work - NET_ADMIN also didn't help

Question

Hi Folks,  
I have a container with fail2ban on it. On my development computer when I add this to docker-compose:  
Code:

```
    cap_add:
     - NET_ADMIN
     - NET_RAW
```

I can see rules are added to iptables both inside container and outside it and it works properly. When I try the same configuration on EC2 instance, i can see those rules inside container, but not on the host system. What's wrong?  
Thanks in advance.

Answer

Decided to give up with the idea and as the alternative, mount log files of the container into equivalent place on the host system. So a standard fail2ban installation would read those log files and set the host system IP tables accordingly. This worked well.

iptables inside container doesn't work - NET_ADMIN also didn't help

相關內容