diff --git a/netflow/iptables.sh b/netflow/iptables.sh
index 971c4cf..81f62f1 100644
--- a/netflow/iptables.sh
+++ b/netflow/iptables.sh
@@ -15,7 +15,7 @@ __get_mount_paths_cgroup_id() {
 fi
 done
 }
-# __get_mount_paths_cgroup_id
+__get_mount_paths_cgroup_id
 __get_in_cgroup_ids() {
 awk '$0 != 0 && $0 != 1' /sys/fs/cgroup/net_cls,net_prio/*/net_cls.classid
diff --git a/netflow/test.sh b/netflow/test.sh
new file mode 100644
index 0000000..8190a12
--- /dev/null
+++ b/netflow/test.sh
@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+
+__get_mount_paths_cgroup_id() {
+ docker ps -q --no-trunc | while read -r cid; do
+ _path=$(docker inspect "$cid" --format '{{range .Mounts}}{{.Source}}{{"\n"}}{{end}}' 2>/dev/null)
+ if grep -q "$CACHE/$FILE_PATH_START" <<<"$_path"; then
+ _cmd="find /sys/fs/cgroup/ -maxdepth 2 -type d -name $cid | grep net_cls 2>/dev/null"
+ _cgroup_path=$(nsenter --mount=/host/proc/1/ns/mnt --net=/host/proc/1/ns/net sh -c "$_cmd")
+ _cmd_classid="cat $_cgroup_path/net_cls.classid 2>/dev/null"
+ _cgroup_id=$(nsenter --mount=/host/proc/1/ns/mnt --net=/host/proc/1/ns/net sh -c "$_cmd_classid")
+ echo "$_cgroup_id"
+ fi
+ done
+}
+__get_mount_paths_cgroup_id
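Review bot: The now-uncommented top-level call `__get_mount_paths_cgroup_id` in netflow/iptables.sh runs every time the file is executed or sourced, and nothing on the visible lines captures or redirects what it prints. If the function matches the copy added in netflow/test.sh, each load would run `docker ps` and `nsenter` into the host namespaces, then write the class ids to stdout and discard them. If the call was enabled for debugging, restore the comment; if the ids are needed, capture them where they are consumed, for example `mount_cgroup_ids=$(__get_mount_paths_cgroup_id)`. The function body starts above the hunk, so its exact behaviour is not visible here.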
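Review bot: `$cid` and `$_cgroup_path` are spliced into the strings `_cmd` and `_cmd_classid`, which `sh -c` then parses inside the host's mount and network namespaces, so an empty, multi-line or otherwise unexpected `find` result changes what the host shell runs instead of simply failing. Pass the values as positional parameters to a fixed single-quoted script, and skip the container unless the lookup returns exactly one path. Separately, `CACHE` and `FILE_PATH_START` are not set anywhere in this standalone file; unless the caller exports them, the grep pattern collapses to `/` and matches any container with a mount. Guard them with `: "${CACHE:?}" "${FILE_PATH_START:?}"` and match the path literally with `grep -qF -- "$CACHE/$FILE_PATH_START"`.

```shell
# … unchanged: docker ps loop, docker inspect, mount-path grep …
      _cgroup_path=$(nsenter --mount=/host/proc/1/ns/mnt --net=/host/proc/1/ns/net \
        sh -c 'find /sys/fs/cgroup/ -maxdepth 2 -type d -name "$1" | grep net_cls 2>/dev/null' sh "$cid")
      # Exactly one directory is expected; skip empty or multi-line results.
      [[ -n "$_cgroup_path" && "$_cgroup_path" != *$'\n'* ]] || continue
      _cgroup_id=$(nsenter --mount=/host/proc/1/ns/mnt --net=/host/proc/1/ns/net \
        sh -c 'cat "$1/net_cls.classid" 2>/dev/null' sh "$_cgroup_path")
# … unchanged: echo "$_cgroup_id", fi, done …
```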