I have multiple LXC containers which use a NAT configuration. I'd like to implement fail2ban on them, but since the main firewall is placed on the Proxmox itself I don't know what's the correct way to use fail2ban on containers. I mean, by default, fail2ban actions try to add rules on the local iptables.
Until now I just edited the /etc/fail2ban/action.d/proxy-iptables.conf file on every LXC and added an ssh rule before any action in order to add those rules on the Proxmox firewall. It worked, but my question is: is this the best practice?

--------
Edit:
Another approach (maybe the correct one) could be to just have 1 fail2ban instance on the host and create different jails with logpath pointing to the LXC log path (e.g. /rpool/data/subvol-103-disk-0/var/log/auth.log).
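A sketch of the host-side jail described in the edit above, as an added example that is not part of the original post. The jail name, file name and thresholds are hypothetical, and it assumes the container writes sshd messages to auth.log and that NATed traffic to the container passes through the host's FORWARD chain.

```ini
# /etc/fail2ban/jail.d/lxc-103.local on the Proxmox host (hypothetical file name)
# One jail per container; only logpath and the jail name change between them.

[sshd-ct103]
enabled   = true
filter    = sshd

# Read the container's log file directly instead of the host's journal.
backend   = auto
logpath   = /rpool/data/subvol-103-disk-0/var/log/auth.log

# Traffic forwarded to a NATed container is routed, not delivered to the
# host itself, so a ban placed in INPUT would never match. Assumption:
# the ban has to sit in FORWARD to take effect for the container.
banaction = iptables-multiport
chain     = FORWARD

# Port as seen after DNAT, i.e. the port sshd listens on inside the
# container, not the port exposed on the host.
port      = ssh

# Illustrative thresholds, not recommendations from the post.
maxretry  = 5
findtime  = 10m
bantime   = 1h

# Check that the filter matches the container's log format before enabling:
#   fail2ban-regex /rpool/data/subvol-103-disk-0/var/log/auth.log /etc/fail2ban/filter.d/sshd.conf
# Check the running jail:
#   fail2ban-client status sshd-ct103
```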