Jay Taylor's notes

back to listing index

Running Wireshark on Docker – Tapan Chugh – Medium

[web search]
Original source (medium.com)
Tags: containers golang go docker wireshark ethereal medium.com
Clipped on: 2017-03-29

Image (Asset 1/6) alt= “os”
func main() {
// Lock the OS Thread so we don’t accidentally switch namespaces
defer runtime.UnlockOSThread()
// Save the current network namespace
origns, _ := netns.Get()
defer origns.Close()
// Get the network namespace based on container id
newns, _ := netns.GetFromDocker(“a115e93f5137”)
defer newns.Close()
// Do something with the network namespace
ifaces, _ := net.Interfaces()
fmt.Printf(“Interfaces: %v\n”, ifaces)
cmd := exec.Command(“tshark”,”-z”,”conv,ip”,”-i”,”eth0")
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
cmd.Stdin = os.Stdin
 //Return to original namespace

This program must be run as root since it changes the network namespace. Instead of using wireshark, i used the command line version tshark, and run it in the conversation mode. This can be changed according to the needs.

  • Image (Asset 2/6) alt=