diff --git a/images/docker-wireshark.md b/images/docker-wireshark.md new file mode 100755 index 000000000..55f5884f4 --- /dev/null +++ b/images/docker-wireshark.md @@ -0,0 +1,151 @@ +# [linuxserver/wireshark](https://github.com/linuxserver/docker-wireshark) + +[![GitHub Stars](https://img.shields.io/github/stars/linuxserver/docker-wireshark.svg?style=flat-square&color=E68523&logo=github&logoColor=FFFFFF)](https://github.com/linuxserver/docker-wireshark) +[![GitHub Release](https://img.shields.io/github/release/linuxserver/docker-wireshark.svg?style=flat-square&color=E68523&logo=github&logoColor=FFFFFF)](https://github.com/linuxserver/docker-wireshark/releases) +[![GitHub Package Repository](https://img.shields.io/static/v1.svg?style=flat-square&color=E68523&label=linuxserver.io&message=GitHub%20Package&logo=github&logoColor=FFFFFF)](https://github.com/linuxserver/docker-wireshark/packages) +[![GitLab Container Registry](https://img.shields.io/static/v1.svg?style=flat-square&color=E68523&label=linuxserver.io&message=GitLab%20Registry&logo=gitlab&logoColor=FFFFFF)](https://gitlab.com/Linuxserver.io/docker-wireshark/container_registry) +[![Quay.io](https://img.shields.io/static/v1.svg?style=flat-square&color=E68523&label=linuxserver.io&message=Quay.io)](https://quay.io/repository/linuxserver.io/wireshark) +[![MicroBadger Layers](https://img.shields.io/microbadger/layers/linuxserver/wireshark.svg?style=flat-square&color=E68523)](https://microbadger.com/images/linuxserver/wireshark "Get your own version badge on microbadger.com") +[![Docker Pulls](https://img.shields.io/docker/pulls/linuxserver/wireshark.svg?style=flat-square&color=E68523&label=pulls&logo=docker&logoColor=FFFFFF)](https://hub.docker.com/r/linuxserver/wireshark) +[![Docker Stars](https://img.shields.io/docker/stars/linuxserver/wireshark.svg?style=flat-square&color=E68523&label=stars&logo=docker&logoColor=FFFFFF)](https://hub.docker.com/r/linuxserver/wireshark) +[![Build Status](https://ci.linuxserver.io/view/all/job/Docker-Pipeline-Builders/job/docker-wireshark/job/master/badge/icon?style=flat-square)](https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-wireshark/job/master/) +[![](https://lsio-ci.ams3.digitaloceanspaces.com/linuxserver/wireshark/latest/badge.svg)](https://lsio-ci.ams3.digitaloceanspaces.com/linuxserver/wireshark/latest/index.html) + +[Wireshark](https://www.wireshark.org/) is the world’s foremost and widely-used network protocol analyzer. It lets you see what’s happening on your network at a microscopic level and is the de facto (and often de jure) standard across many commercial and non-profit enterprises, government agencies, and educational institutions. Wireshark development thrives thanks to the volunteer contributions of networking experts around the globe and is the continuation of a project started by Gerald Combs in 1998. + +## Supported Architectures + +Our images support multiple architectures such as `x86-64`, `arm64` and `armhf`. We utilise the docker manifest for multi-platform awareness. More information is available from docker [here](https://github.com/docker/distribution/blob/master/docs/spec/manifest-v2-2.md#manifest-list) and our announcement [here](https://blog.linuxserver.io/2019/02/21/the-lsio-pipeline-project/). + +Simply pulling `linuxserver/wireshark` should retrieve the correct image for your arch, but you can also pull specific arch images via tags. + +The architectures supported by this image are: + +| Architecture | Tag | +| :----: | --- | +| x86-64 | latest | +| arm64 | arm64v8-latest | +| armhf | arm32v7-latest | + + +## Usage + +Here are some example snippets to help you get started creating a container from this image. + +### docker + +``` +docker create \ + --name=wireshark \ + --net=host \ + --cap-add=NET_ADMIN \ + -e PUID=1000 \ + -e PGID=1000 \ + -e TZ=Europe/London \ + -p 3000:3000 `#optional` \ + -v /path/to/config:/config \ + --restart unless-stopped \ + linuxserver/wireshark +``` + + +### docker-compose + +Compatible with docker-compose v2 schemas. + +```yaml +--- +version: "2" +services: + wireshark: + image: linuxserver/wireshark + container_name: wireshark + cap_add: + - NET_ADMIN + network_mode: host + environment: + - PUID=1000 + - PGID=1000 + - TZ=Europe/London + volumes: + - /path/to/config:/config + ports: + ports: + - 3000:3000 #optional + restart: unless-stopped +``` + +## Parameters + +Docker images are configured using parameters passed at runtime (such as those above). These parameters are separated by a colon and indicate `:` respectively. For example, `-p 8080:80` would expose port `80` from inside the container to be accessible from the host's IP on port `8080` outside the container. + +### Ports (`-p`) + +| Parameter | Function | +| :----: | --- | +| `3000` | WireShark desktop gui, only use this if you are not using host mode and sniffing Docker network traffic. | + +#### Networking (`--net`) +| Parameter | Function | +| :-----: | --- | +| `--net=host` | Use Host Networking | + +### Environment Variables (`-e`) + +| Env | Function | +| :----: | --- | +| `PUID=1000` | for UserID - see below for explanation | +| `PGID=1000` | for GroupID - see below for explanation | +| `TZ=Europe/London` | Specify a timezone to use EG Europe/London. | + +### Volume Mappings (`-v`) + +| Volume | Function | +| :----: | --- | +| `/config` | Users home directory in the container, stores program settings and potentially dump files. | + + + +## User / Group Identifiers + +When using volumes (`-v` flags), permissions issues can arise between the host OS and the container, we avoid this issue by allowing you to specify the user `PUID` and group `PGID`. + +Ensure any volume directories on the host are owned by the same user you specify and any permissions issues will vanish like magic. + +In this instance `PUID=1000` and `PGID=1000`, to find yours use `id user` as below: + +``` + $ id username + uid=1000(dockeruser) gid=1000(dockergroup) groups=1000(dockergroup) +``` + +## Application Setup + +The application can be accessed at: + +* http://yourhost:3000/ + +By default the user/pass is abc/abc, if you change your password or want to login manually to the GUI session for any reason use the following link: + +* http://yourhost:3000/?login=true + +In order to dump from an interface you will need to pass `NET_ADMIN` at a minimum, optionally you can use host networking to capture from your host level device or specify a Docker network you want to capture from. + +If you do not specificy host networking you will need to map port 3000 with `-p 3000:3000`. + + + +## Support Info + +* Shell access whilst the container is running: + * `docker exec -it wireshark /bin/bash` +* To monitor the logs of the container in realtime: + * `docker logs -f wireshark` +* Container version number + * `docker inspect -f '{{ index .Config.Labels "build_version" }}' wireshark` +* Image version number + * `docker inspect -f '{{ index .Config.Labels "build_version" }}' linuxserver/wireshark` + +## Versions + +* **31.03.20:** - Initial release.