Can fail2ban work in a separate docker container, although it still somehow implements iptables rules for nginx?

Question

Can fail2ban work in a separate docker container, although it still somehow implements iptables rules for nginx?

I would like to “containerize” fail2ban in my own container, but I did not suspect that it could not set iptables rules in other containers. For example: to protect the nginx installation, would you need to set the iptables rules in the nginx container? And although I can easily exchange the necessary log files from the nginx container to the fail2ban container, fail2ban will not be able to apply iptables prohibition rules to the nginx container without any specially configured fail2ban action?

+4

docker nginx fail2ban

rgareth Aug 17 '15 at 6:06

source share

1 answer

Pablo k · Answer 1 · 2017-08-30T15:39:57+0000

Have you tried https://hub.docker.com/r/superitman/fail2ban/ ? I use it, and it blocks ssh attempts without problems, but I just saw that it does not work with my nginx containers (it seems that ip is added to the host iptables blacklist, but the nginx container, but I'm not sure what the problem is )

Can fail2ban work in a separate docker container, although it still somehow implements iptables rules for nginx?

More articles: