Wireshark is not showing interfaces in Ubuntu container without privileged mode
I've installed wireshark and xrdp in Ubuntu 18.04 Container. After starting the container with the --privileged
mode and taking RDP connection, I can see the wireshark running with having access to all the interfaces but, when I don't specify the --privileged
mode while running the container, then wireshark does not show any interfaces. So how do I configure the container so that,
- I should be able to run container without privileged mode and still should be able to see the interfaces
- Wireshark should not have access to all the interfaces of the host machine. It should have limited or customized access in which we should be able to mention to which interfaces it should have access to.
Where did you get the docker image from? Was that just a bare Ubuntu 18.04 image (which one?), where you added Wireshark and XRDP yourself, or was it all pre-installed?
I have pulled the image from the Ubuntu official repository from docker hub. After that I've installed the Wireshark and XRDP manually and after taking the rdp I can see all the interfaces only if I start the container in privileged mode.
Did you create specific users in the container to access Wireshark via RDP with?
I've not created separate user. Ubuntu container has only one user i.e root and I'm using the same for RDP login.
Which interface are you wanting to capture from in the container? Probably the one where the RDP session is running over as well?