How do we get real client IP inside docker in OpenSSHServer

I am using open ssh server container on a host open to internet. My logs are full of random scans, but all of them are logged with client IP of 10.0.0.2. How do I get real client IP exposed to openssh container, so that I can add fail2ban or similar approach?

2021-09-24 19:25:51.679801062  Failed password for invalid user vagrant from 10.0.0.2 port 48040 ssh2
2021-09-24 19:25:51.681088955  Failed password for invalid user root from 10.0.0.2 port 48030 ssh2
2021-09-24 19:25:51.682022926  Failed password for invalid user test from 10.0.0.2 port 48034 ssh2
2021-09-24 19:25:51.684935041  Could not get shadow information for NOUSER
2021-09-24 19:25:51.686733724  Failed password for invalid user ec2-user from 10.0.0.2 port 48028 ssh2
2021-09-24 19:25:51.695385366  Failed password for invalid user oracle from 10.0.0.2 port 48038 ssh2
2021-09-24 19:25:58.106181006  Connection closed by invalid user guest 10.0.0.2 port 48036 [preauth]
2021-09-24 19:25:58.109143991  Connection closed by invalid user postgres 10.0.0.2 port 48042 [preauth]
2021-09-24 19:25:58.109847168  Connection closed by invalid user ubuntu 10.0.0.2 port 48032 [preauth]
2021-09-24 19:25:58.112933244  Connection closed by invalid user root 10.0.0.2 port 48030 [preauth]
2021-09-24 19:25:58.114633318  Connection closed by invalid user test 10.0.0.2 port 48034 [preauth]
2021-09-24 19:25:58.114645725  Connection closed by invalid user vagrant 10.0.0.2 port 48040 [preauth]
2021-09-24 19:25:58.114648151  Connection closed by invalid user ec2-user 10.0.0.2 port 48028 [preauth]
2021-09-24 19:25:58.114650262  Connection closed by invalid user oracle 10.0.0.2 port 48038 [preauth]