iptables limit inbound connections to Docker container

2 votes
1 answer
1837 views
Running an Ubuntu 16.04 server with Docker Engine (latest version 1.12.1) and a Docker image/container based on Ubuntu 16.04 as well.

I need to limit (on a specific port using TCP) both:

1. the number of connections per second (let's say 10), and
2. the number of simultaneous connections

It would be perfect if it is possible to create an entrypoint script inside the Docker container that when loaded handles the iptables setup for this, but if that is not possible then how can I configure this on the host (outside the Docker container)?

Currently I have this on the host:

    $ iptables -L --line-numbers
    Chain INPUT (policy ACCEPT)
    num  target     prot opt source               destination

    Chain FORWARD (policy ACCEPT)
    num  target     prot opt source               destination
    1    DOCKER-ISOLATION  all  --  anywhere             anywhere
    2    DOCKER     all  --  anywhere             anywhere
    3    ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
    4    ACCEPT     all  --  anywhere             anywhere
    5    ACCEPT     all  --  anywhere             anywhere

    Chain OUTPUT (policy ACCEPT)
    num  target     prot opt source               destination

    Chain DOCKER (1 references)
    num  target     prot opt source               destination
    1    ACCEPT     tcp  --  anywhere             172.17.0.2           tcp dpt:15672

    Chain DOCKER-ISOLATION (1 references)
    num  target     prot opt source               destination
    1    RETURN     all  --  anywhere             anywhere

How can I add the above two rules to the DOCKER chain if the destination port is, let's say, port 5671?
Asked by KimHansen (121 rep)
Sep 12, 2016, 02:45 PM
Last activity: Aug 5, 2024, 03:08 AM