LinuxQuestions.org
03-15-2019, 06:39 PM   #1
ario
iptables inside container doesn't work - NET_ADMIN also didn't help


Hi Folks,
I have a container with fail2ban on it. On my development computer when I add this to docker-compose:
Code:
    cap_add:
     - NET_ADMIN
     - NET_RAW
I can see rules are added to iptables both inside the container and outside it, and it works properly. When I try the same configuration on an EC2 instance, I can see those rules inside the container, but not on the host system. What's wrong?
Thanks in advance.
 
03-22-2019, 02:23 PM   #2
MensaWater
Not an expert but I just ran across an issue here where a container kept restarting.

My co-worker, after looking into it, said it was because the CoreOS setup for docker didn't start iptables. When the container started it would try to dynamically add to the CoreOS iptables but couldn't since iptables wasn't loaded at start of docker itself. He plans to restart docker itself after having modified the config file for docker to load iptables. He hasn't done that yet so I can't be certain but he has done far more with containers than I.

Posting it as a hint since no one else has responded.

Last edited by MensaWater; 03-22-2019 at 02:50 PM.
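
A check for the symptom described in the first post, as an added example that is not part of the thread: iptables rules belong to a network namespace, so rules added inside a container appear in the host's tables only when the container shares the host's namespace. The container name `fail2ban` in the usage comment is an assumption, and the script needs the docker CLI and root on the host to read `/proc/<pid>/ns/net`.

```shell
#!/bin/sh
# Added example (not from the thread): does a container share the host's
# network namespace? iptables rules live per network namespace.

# Print the namespace identifier of a PID, e.g. "net:[4026531992]".
netns_of() {
    readlink "/proc/$1/ns/net" 2>/dev/null
}

# Pure comparison so the logic can be checked without Docker or root.
# $1 = host namespace id, $2 = container namespace id
classify_netns() {
    if [ -z "$1" ] || [ -z "$2" ]; then
        echo unknown      # could not read one side (not root, PID gone)
    elif [ "$1" = "$2" ]; then
        echo shared       # container rules are the host's rules
    else
        echo isolated     # container rules stay inside the container
    fi
}

# $1 = container name (assumption: docker CLI present, run as root).
check_container() {
    pid=$(docker inspect --format '{{.State.Pid}}' "$1") || return 2
    mode=$(docker inspect --format '{{.HostConfig.NetworkMode}}' "$1")
    result=$(classify_netns "$(netns_of 1)" "$(netns_of "$pid")")
    echo "container=$1 network_mode=$mode netns=$result"
    case $result in
        isolated) echo "rules added inside will not show in 'iptables -S' on the host" ;;
        shared)   echo "rules added inside are the host's rules" ;;
        *)        echo "could not read /proc/<pid>/ns/net; run as root on the host" ;;
    esac
}

# Run only when a container name is given, e.g.: sh check.sh fail2ban
# ("fail2ban" is a hypothetical container name).
if [ "$#" -gt 0 ]; then
    check_container "$1"
fi
```

Running it on both the development machine and the EC2 instance shows whether the two containers were started with the same network mode.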
 
  


All times are GMT -5.
