https://github.com/moncho/docker-tcpdump
Another tcpdump in Docker. Not better than most.
Last synced: 4 months ago
- Host: GitHub
- URL: https://github.com/moncho/docker-tcpdump
- Owner: moncho
- License: mit
- Created: 2016-05-29T09:28:58.000Z (about 10 years ago)
- Default Branch: master
- Last Pushed: 2016-05-29T10:24:32.000Z (about 10 years ago)
- Last Synced: 2025-03-13T04:15:16.962Z (over 1 year ago)
- Size: 1000 Bytes
- Stars: 2
- Watchers: 2
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
TCPDump
=======
Yet another (Alpine-based) Docker container to run [TCPDump]. Running it without parameters starts tcpdump and keeps at most one day of pcaps in 15-minute chunks.
Volume with pcaps available at `/pcap/`.
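
The retention described above (at most one day of pcaps in 15-minute chunks, so no more than 96 files) can be checked on the host directory mounted at `/pcap`. This is an added example, not code from the moncho/docker-tcpdump project; the function names, the 15-minute slack and the assumption that chunks are regular files directly inside the directory are assumptions, since the page does not show the image's file naming.

```shell
#!/bin/sh
# Audit a capture directory against the README's stated retention:
# at most one day of pcaps, in 15-minute chunks (24 h * 4 = 96 files).
# Assumption: chunks are regular files directly inside the directory;
# the image's actual file naming scheme is not shown on the page.

MAX_CHUNKS=96       # 24 hours / 15 minutes
MAX_AGE_MIN=1440    # one day, in minutes
SLACK_MIN=15        # assumed allowance for the chunk still being rotated

# Print the files whose mtime is older than the retention window.
stale_pcaps() {
    find "$1" -maxdepth 1 -type f -mmin "+$((MAX_AGE_MIN + SLACK_MIN))" | sort
}

# Print the number of regular files in the directory.
chunk_count() {
    find "$1" -maxdepth 1 -type f | wc -l | tr -d ' '
}

# Return 0 when the directory matches the documented retention,
# 1 when it holds too many or too old chunks, 2 when it does not exist.
audit_pcap_dir() {
    dir=$1
    rc=0
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 2; }

    count=$(chunk_count "$dir")
    if [ "$count" -gt "$MAX_CHUNKS" ]; then
        echo "too many chunks: $count > $MAX_CHUNKS"
        rc=1
    fi

    stale=$(stale_pcaps "$dir")
    if [ -n "$stale" ]; then
        echo "chunks older than one day:"
        echo "$stale"
        rc=1
    fi
    return "$rc"
}
```

Call `audit_pcap_dir ~/pcap` for the directory used in the host-network example; a non-zero return means the directory holds more capture data than the documented one-day window.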
Usage
-----
#### View help and version

    $ docker run --rm moncho/tcpdump --help

#### Examine the host network

    $ docker run --rm --net=host -v ~/pcap:/pcap moncho/tcpdump

#### Examine the TCP traffic on the host network with Wireshark

    $ docker run --rm --net=host moncho/tcpdump -i any -w - | wireshark -k -i -

#### Examine the traffic of Docker container `foo` with Wireshark

    $ docker run --rm --net=container:foo moncho/tcpdump -i any --immediate-mode -w - | wireshark -k -i -

## Credits
Heavily inspired by this [post](http://jerrygamblin.com/2016/05/28/a-docker-container-to-capture-all-traffic-from-host/).
[TCPDump]: http://www.tcpdump.org/