1 | initial version |
ad 1. You'll need to deploy your container with additional capabilities. Unfortunately, the question doesn't specify any deployment details albeit that would have been crucial. A good bet would be to add CAP_NET_ADMIN and CAP_NET_RAW. However, since the Q also doesn't mention --net=host all you will see is your own eth0 behind a virtual bridge. As others pointed out, MACVLAN isn't a viable solution in this case, as it is a filtered secondary vNIC.
ad 2. not possible without heavy interference with the system and playing tricks with syscalls.
Maybe the following could be an option for you: Siemens has open source'd Edgeshark that consists of a service container and a Wireshark extcap plugin. This allows to capture from the host (well, be careful as you capture your own captures) as well as from containers. It isn't Wireshark in a container but instead you connect from your Desktop Wireshark to the service deployed on your linux host.