Disable Docker IP masquerade

I’ve been familiarizing myself with docker lately and got a rootless git container running on CentOS 8. Sadly I’ve hit a road block.
Fail2ban is running on the host, and I’d like to use it to moderate git logins. Currently, Docker is masquerading all incoming connections though.
Masquerade is disabled in the Docker bridge network aswell as the daemon.json, yet connections still get logged with the bridge ip. I would appreciate if you could point me in the right direction.

Thanks in advance!


Issue type

OS Version/build
CentOs 8

App version

Steps to reproduce
Create Network with

driver: bridge
driver_opts: com.docker.network.bridge.enable_ip_masquerade: ‘false’


“ip-masq”: false

Incoming connection ip’s are masked.