Public Repository

Last pushed: a year ago
Short Description
Captures Traffic From Docker Host Into Pcap Files in 15 Minute Chunks
Full Description

This simple container runs a tcpdump and writes dumps to the volume /pcap.
It will keep at max one day of pcaps in 15 minute chunks.

To capture on the hosts network interfaces, you need to run the
container by using the host networking mode:

To capture on the hosts network interfaces, you need to run the
container by using the host networking mode:
docker run --net=host jgamblin/tcpdump

If you want storage to happen on your host:
docker run -v ~/pcap:/pcap --net=host -d jgamblin/tcpdump

Bonus
If you want to then display those pcaps in a browser (on port 1337) run this:
docker run -h tccdumpweb -p 1337:80 -v ~/pcap:/var/www/html/ -d eboraas/apache

Docker Pull Command
Owner
jgamblin