Hi guys!

Back in the day I used to have a VM holding nginx and all the crap exposed…and I did set it up with fail2ban. I moved away from it, as the OS upgrade was turning messy, and rebuilt onto an LXC container. How should I use fail2ban/iptables in order to protect/harden my LXC container/server? Do the same conditions apply, or will I have any limitations/issues due to the container itself?

Thanks!

  • iturnedintoanewt@lemm.ee (OP) · 3 months ago

    Thanks, I appreciate your reply… I have a bit of concern about an unprivileged container having firewall limitations (as I might have read in the past this was…finicky), but I’m going to give it a shot.

    • 486@lemmy.world · 3 months ago

      I’m exclusively running unprivileged LXC containers and haven’t had any issues regarding the firewall, neither with iptables nor nftables.

    • K3CAN@lemmy.radio · 3 months ago

      I’ve also been running nginx in an unprivileged LXC container. I haven’t used fail2ban, specifically, but crowdsec has been working without issue.

      You can mostly just treat an LXC like a normal VM.