Skip to content

ueisele/wireshark-images

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
Dockerfile
Dockerfile
 
 
README.adoc
README.adoc
 
 
build.sh
build.sh
 
 
install-deb.sh
install-deb.sh
 
 
xpra_docker.conf
xpra_docker.conf
 
 
xpra_wireshark.conf
xpra_wireshark.conf
 
 

Repository files navigation

Wireshark Docker Images

Images

TShark

If you wish to analyze traffic from network devices, you should use:

docker run -it --rm --cap-add NET_ADMIN --cap-add=NET_RAW ueisele/tshark:3.6.1

You can capture on a specific network interface with -i flag, e.g. -i eth0. Its also possible to capture host network interfaces adding --net host parameter.

docker run -it --rm --cap-add NET_ADMIN --cap-add=NET_RAW --net host ueisele/tshark:3.6.1 -i eth0

If that didn’t work, it may be necessary to start the container as priviliged:

docker run -it --rm --privileged ueisele/tshark:3.6.1

Termshark

If you wish to analyze traffic from network devices, you should use:

docker run -it --rm --cap-add NET_ADMIN --cap-add=NET_RAW ueisele/tshark-termshark:3.6.1-2.3.0

Wireshark

Docker image which makes Wireshark available via Web browser using XPRA based on https://github.com/ffeldhaus/docker-wireshark

Run wireshark container. By default port 14500 will be used. Change docker port mapping to a different port if required (e.g. 5432/14500).

By default, the container uses the default self-signed certificate to offer SSL. If you want to specify your own certificate, you can overwrite the default SSL certificate with the docker parameter similar to --mount type=bind,source="$(pwd)"/ssl-cert.pem,target=/etc/xpra/ssl-cert.pem,readonly (make sure to put the ssl-cert.pem file in the current folder or modify the source path).

By default, Wireshark can only be accessed using a password. The default password is debian, but can be changed by setting the environment variable XPRA_PW.

docker run --rm --cap-add NET_ADMIN --cap-add=NET_RAW -p 14500:14500 ueisele/wireshark:3.6.1

Build

Enable execution of different multi-architecture containers by QEMU and binfmt_misc (see https://github.com/multiarch/qemu-user-static):

docker run --rm --privileged multiarch/qemu-user-static --reset -p yes

Build images with Wireshark 3.6.1 for arm64 and amd64 and push to Docker Hub registry of user ueisele.

./build.sh --push --user ueisele --version 3.6.1 --platform linux/arm64,linux/amd64

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages