filter syn flood with hashlimit in iptables inside docker container

I got a Docker container with OpenVPN inside, and it acts as a server for some clients. I want to rate-limit a possible SYN flood from the clients' side with iptables. So, what I do is install iptables, run the container with the NET_ADMIN cap, and insert this rule:

iptables -t mangle -A PREROUTING -p tcp -s 10.0.10.1 --syn -m hashlimit --hashlimit-mode srcip --hashlimit-name synDos --hashlimit-srcmask 32 --hashlimit-above 1000/s --hashlimit-burst 10 -j DROP

But when I connect to the server as a client and try to simulate a SYN flood with hping3, this rule has no effect, and /proc/net/ipt_hashlimit/synDos is empty.

There are 0 answers