Possible to use this image with user namespaces?

[studioph]

I'm running Docker with user namespace remapping (for anyone not familiar with this instead of running as root your containers run as a separate (typically unprivileged) user+group id that you generate). However, per the documentation on that page, user namespaces are incompatible with host mode networking for containers.

My question is, will this work as intended without host mode networking, or is that required in order to actually ban the ips and I should be looking at running fail2ban on the host directly? Networking is not my area of expertise (I've also never used anything other than the default bridge networking mode in Docker) so apologies if this is a seemingly absurd question.