Blocked IP addresses still can access docker container (fail2ban) #109
Comments
I have the same problem
Have a look at the iptables chains to see which rules are applied first. It seems the ufw rules are applied before the fail2ban rules (named "f2b-..."). In addition, ensure that fail2ban prepends the reject rules in the DOCKER-USER chain (or FORWARD chain), so they are applied before the ufw rules. btw: we are using fail2ban as a container (https://github.com/linuxserver/docker-fail2ban -> https://github.com/linuxserver/fail2ban-confs/blob/master/README.md) and our fail2ban / ufw-docker setup works as expected.
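One way to check the rule ordering described in the comment above, as an added example that is not part of the thread or of the ufw-docker project. The function name `check_chain_order`, the jail name `f2b-nginx` and both sample listings are constructed, and `ufw-user-forward` is assumed to be the chain that the ufw-docker rules jump to from DOCKER-USER.

```shell
#!/bin/sh
# Reads `iptables -S <chain>` style output on stdin and prints one verdict:
#   ok        an f2b-* jump comes before the first ufw-* jump
#   shadowed  a ufw-* jump comes first, so a packet accepted there never
#             reaches the fail2ban chain
#   no-f2b    the chain has no jump to an f2b-* chain at all
check_chain_order() {
    awk '
        $1 == "-A" {
            pos++                                   # rule position in the chain
            for (i = 2; i < NF; i++) {
                if ($i != "-j" && $i != "-g") continue
                target = $(i + 1)
                if (target ~ /^f2b-/ && !f2b) f2b = pos
                if (target ~ /^ufw-/ && !ufw) ufw = pos
            }
        }
        END {
            if (!f2b)                  print "no-f2b"
            else if (ufw && ufw < f2b) print "shadowed"
            else                       print "ok"
        }'
}

# Constructed sample: fail2ban rule appended after the ufw jump.
SAMPLE_SHADOWED='-N DOCKER-USER
-A DOCKER-USER -j ufw-user-forward
-A DOCKER-USER -p tcp -m multiport --dports 80,443 -j f2b-nginx
-A DOCKER-USER -j RETURN'

# Constructed sample: fail2ban rule prepended, evaluated first.
SAMPLE_OK='-N DOCKER-USER
-A DOCKER-USER -p tcp -m multiport --dports 80,443 -j f2b-nginx
-A DOCKER-USER -j ufw-user-forward
-A DOCKER-USER -j RETURN'

# Constructed sample: fail2ban only hooked into INPUT, nothing in this chain.
SAMPLE_NONE='-N DOCKER-USER
-A DOCKER-USER -j ufw-user-forward
-A DOCKER-USER -j RETURN'

printf 'shadowed sample: %s\n' "$(printf '%s\n' "$SAMPLE_SHADOWED" | check_chain_order)"
printf 'ok sample:       %s\n' "$(printf '%s\n' "$SAMPLE_OK" | check_chain_order)"
printf 'no-f2b sample:   %s\n' "$(printf '%s\n' "$SAMPLE_NONE" | check_chain_order)"
```

On a live host the same function can be fed with `iptables -S DOCKER-USER | check_chain_order` (as root).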
It seems that fail2ban should deny forwarding as well, to block packets to the docker container. The following conf works for me: /etc/fail2ban/action.d/ufw.conf
Thank you for this useful repo!
I followed the instructions to install the tool and forwarded a single docker container to the outside:
And then banned a single IP (I did this manually, but later fail2ban should do that):
Unfortunately, I can still access the docker container at this port from the banned IP. Even though accesses to other ports are banned as expected for the same IP. Any ideas what is going wrong here?
(Possibly related to #17)