It seems that some support for iptables exist inside (non-privileged) containers.
For example, I have installed software in a container that installs a ufw firewall, and ufw prevents connections to ports from other containers.
But I’ve also read in this forum, that fail2ban does not work inside containers, so you have to set it up on the host: Fail2ban for Wordpress on containers
So, how much of iptables works inside a container? Why does ufw work, but fail2ban doesn’t work?