Rich Freeman ri...@gentoo.org writes:
On Thu, Jan 15, 2015 at 3:32 PM, lee l...@yagibdah.de wrote:
Rich Freeman ri...@gentoo.org writes:
2. Run fail2ban in each container and have it monitor its own logs,
and then add host iptables rules to block connections.
Containers must not be able to
On Sat, Jan 17, 2015 at 7:56 AM, lee l...@yagibdah.de wrote:
Rich Freeman ri...@gentoo.org writes:
Depends on how you run it, but yes, you might have multiple instances
of fail2ban running this way consuming additional RAM. If you were
really clever with your container setup they could share
Rich Freeman ri...@gentoo.org writes:
On Sun, Jan 11, 2015 at 1:47 PM, lee l...@yagibdah.de wrote:
Same here, so why does fail2ban get involved with containers?
Seems like there are three options here.
1. Run fail2ban on the host and have it look into the containers,
monitor their logs,
On Thu, Jan 15, 2015 at 3:32 PM, lee l...@yagibdah.de wrote:
Rich Freeman ri...@gentoo.org writes:
2. Run fail2ban in each container and have it monitor its own logs,
and then add host iptables rules to block connections.
Containers must not be able to change the firewalling rules of the
On Sun, Jan 11, 2015 at 10:48 AM, lee l...@yagibdah.de wrote:
I don't want to run fail2ban in the container because the container must
not mess with the firewall settings of the host. If a container can do
that, then what's the point of having containers in the first place?
I've never used
see https://bugs.gentoo.org/show_bug.cgi?id=536320
lee l...@yagibdah.de writes:
Hi,
I'm trying to get fail2ban to work on the host and keep getting error
messages like:
,
| Jan 08 21:13:04 [/etc/init.d/fail2ban] You have to create an init script
for each container:
| Jan 08
On Sun, Jan 11, 2015 at 1:47 PM, lee l...@yagibdah.de wrote:
Same here, so why does fail2ban get involved with containers?
Seems like there are three options here.
1. Run fail2ban on the host and have it look into the containers,
monitor their logs, and add host iptables rules to block
Rich Freeman ri...@gentoo.org writes:
On Sun, Jan 11, 2015 at 10:48 AM, lee l...@yagibdah.de wrote:
I don't want to run fail2ban in the container because the container must
not mess with the firewall settings of the host. If a container can do
that, then what's the point of having
Hi,
I'm trying to get fail2ban to work on the host and keep getting error
messages like:
,
| Jan 08 21:13:04 [/etc/init.d/fail2ban] You have to create an init script for
each container:
| Jan 08 21:13:04 [/etc/init.d/fail2ban] ln -s lxc /etc/init.d/lxc.container
| Jan 08 21:13:05
9 matches
Mail list logo