Ask Your Question

How to setup wireshark in a docker container?

asked 2021-01-19 06:47:50 +0000

flash gravatar image

updated 2021-01-21 15:22:54 +0000

Jaap gravatar image

I've installed wireshark in a privileged Ubuntu container and I don't want wireshark to have access to interfaces of host OS so that user won't be able to capture the packets of host OS. How do I configure wireshark for the same.

edit retag flag offensive close merge delete


Not sure how your interfacing is setup. I would expect an ethernet pair connecting your container to the docker0 bridge. That would not allow you to see the host OS interfaces.

Jaap gravatar imageJaap ( 2021-01-20 20:15:35 +0000 )edit

My container setup is as below:

  1. I've pulled the Ubuntu 18 image and installed Wireshark, xrdp on it.
  2. After starting the container and connecting it through RDP (Remmina), I can see all the interfaces in the wireshark. (when I start the container with privileged mode. Without this flag wireshark does not show any interfaces). So I want to restrict the wireshark from using the host os interfaces.

I have not done any setup for interfaces

flash gravatar imageflash ( 2021-01-21 11:01:47 +0000 )edit

1 Answer

Sort by ยป oldest newest most voted

answered 2021-01-21 15:21:53 +0000

Jaap gravatar image

Don't run docker in privileged mode. It grants way too much access. Lookup to properly setup Wireshark capture capabilities in Debian and Ubuntu, which is documented in many places. This assuming you're setting up users in your docker container. Otherwise this is more of a docker configuration question than a Wireshark question.

edit flag offensive delete link more


Okay. Thanks. Can you give me the link for such documents or blogs if you have?

flash gravatar imageflash ( 2021-01-25 11:13:51 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools


Asked: 2021-01-19 06:47:50 +0000

Seen: 178 times

Last updated: Jan 21