Hi guys!

Back in the day I used to have a VM holding nginx and all the crap exposed…and I did set it up with fail2ban. I moved away from it, as the OS upgrade was turning messy, and rebuilt onto an LXC container. How should I use fail2ban/iptables in order to protect/harden my LXC container/server? Do the same conditions apply, or will I have any limitations/issues due to the container itself?

Thanks!

  • @[email protected]OP
    13 months ago

    Thanks, I appreciate your reply… I have a bit of concern about an unprivileged container having firewall limitations (as I might have read in the past this was…finicky), but I’m going to give it a shot.

    • @486
      33 months ago

      I’m exclusively running unprivileged LXC containers and haven’t had any issues regarding the firewall, neither with iptables nor nftables.

    • K3CAN
      33 months ago

      I’ve also been running nginx in an unprivileged LXC container. I haven’t used fail2ban, specifically, but crowdsec has been working without issue.

      You can mostly just treat an LXC like a normal VM.