lissy93/tcpdump

By lissy93

Updated over 2 years ago

🐳 Small Docker container to sniff the traffic of any other Docker container with tcpdump

Image
Security

132

Docker TCPDump

Small Docker container to sniff the traffic of any other Docker container with tcpdump
lissy93/tcpdump


Usage
docker run --rm -v $(pwd):/dump --tty --net=container:<container_name> lissy93/tcpdump tcpdump -i any -w /dump/dump.pcap

Where <container_name> is the running container you would like to analyze, and dump.pcap is the output filename.

Once you've finished captureing traffic, open the pcap file in Wireshark, or your favorite packet analyzer.

You can also run any other tcpdump commands in a similar way, like docker run lissy93/tcpdump tcpdump [commands].

The container is published on DockerHub under lissy93/tcpdump, but if you prefer you can also build the Dockerfile yourself.


License

Licensed under MIT - © Alicia Sykes 2022

Docker Pull Command

docker pull lissy93/tcpdump