I'd like to "containerize" fail2ban in its own container but suspect it's not possible for it to set iptables rules in other containers. For example: to protect an nginx installation, it would need to set iptables rules in the nginx container? And although I can easily share the necessary log files from the nginx container to the fail2ban container, fail2ban would be unable to apply the iptables banning rules to the nginx container without some highly custom fail2ban action?
Asked
Active
Viewed 2,517 times
5
-
This is something I'm now chasing, too -- did you find a solution? – Todd Curry Nov 17 '16 at 14:53
-
@ToddCurry: No, I didn't – rgareth Nov 20 '16 at 14:25
-
do you see down side of just putting fail2ban in same container as nginx ? – Scott Stensland Mar 02 '17 at 22:46
1 Answers
1
Have you tried https://hub.docker.com/r/superitman/fail2ban/? I'm using it and it's blocking ssh attempts with no problem, but I've just saw that it's not working with my nginx containers (it seems that the ip is added to the hosts iptables blacklist but the nginx container but I'm not sure what is the problem)
Pablo K
- 125
- 1
- 10