Hi,
I have a pretty standard setup, nothing too crazy. I have the docker-compose below; when fail2ban creates the rule to ban an IP address, it doesn't work and I am still able to access the website. iptables within the Docker container creates the rules, but they don't seem to transfer to the host. What am I missing?
The host machine is running CentOS 7.
Thanks for the help!

version: "2"
services:
  letsencrypt:
    image: linuxserver/letsencrypt
    container_name: letsencrypt
    cap_add:
      - NET_ADMIN
    environment:
      - PUID=1001
      - PGID=1001
      - TZ=${TZ}
      - URL=domain
      - SUBDOMAINS=1,2,3
      - VALIDATION=http
      - DNSPLUGIN=cloudflare #optional
    volumes:
      - ${USERDIR}/letsencrypt/config:/config
    networks:
      - proxy
    ports:
      - 443:443
      - 80:80 #optional
    restart: unless-stopped
networks:
  proxy:
    external: true

iptables within the container:

Chain f2b-nextcloud (1 references)
target     prot opt source               destination
REJECT     all  --  xxx.xxx.xxx.xxx      anywhere             reject-with icmp-port-unreachable