6.7 KiB
Executable File
linuxserver/wireshark
Wireshark is the world’s foremost and widely-used network protocol analyzer. It lets you see what’s happening on your network at a microscopic level and is the de facto (and often de jure) standard across many commercial and non-profit enterprises, government agencies, and educational institutions. Wireshark development thrives thanks to the volunteer contributions of networking experts around the globe and is the continuation of a project started by Gerald Combs in 1998.
Supported Architectures
Our images support multiple architectures such as x86-64
, arm64
and armhf
. We utilise the docker manifest for multi-platform awareness. More information is available from docker here and our announcement here.
Simply pulling linuxserver/wireshark
should retrieve the correct image for your arch, but you can also pull specific arch images via tags.
The architectures supported by this image are:
Architecture | Tag |
---|---|
x86-64 | latest |
arm64 | arm64v8-latest |
armhf | arm32v7-latest |
Usage
Here are some example snippets to help you get started creating a container from this image.
docker
docker create \
--name=wireshark \
--net=host \
--cap-add=NET_ADMIN \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=Europe/London \
-p 3000:3000 `#optional` \
-v /path/to/config:/config \
--restart unless-stopped \
linuxserver/wireshark
docker-compose
Compatible with docker-compose v2 schemas.
---
version: "2"
services:
wireshark:
image: linuxserver/wireshark
container_name: wireshark
cap_add:
- NET_ADMIN
network_mode: host
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/London
volumes:
- /path/to/config:/config
ports:
ports:
- 3000:3000 #optional
restart: unless-stopped
Parameters
Docker images are configured using parameters passed at runtime (such as those above). These parameters are separated by a colon and indicate <external>:<internal>
respectively. For example, -p 8080:80
would expose port 80
from inside the container to be accessible from the host's IP on port 8080
outside the container.
Ports (-p
)
Parameter | Function |
---|---|
3000 |
WireShark desktop gui, only use this if you are not using host mode and sniffing Docker network traffic. |
Networking (--net
)
Parameter | Function |
---|---|
--net=host |
Use Host Networking |
Environment Variables (-e
)
Env | Function |
---|---|
PUID=1000 |
for UserID - see below for explanation |
PGID=1000 |
for GroupID - see below for explanation |
TZ=Europe/London |
Specify a timezone to use EG Europe/London. |
Volume Mappings (-v
)
Volume | Function |
---|---|
/config |
Users home directory in the container, stores program settings and potentially dump files. |
User / Group Identifiers
When using volumes (-v
flags), permissions issues can arise between the host OS and the container, we avoid this issue by allowing you to specify the user PUID
and group PGID
.
Ensure any volume directories on the host are owned by the same user you specify and any permissions issues will vanish like magic.
In this instance PUID=1000
and PGID=1000
, to find yours use id user
as below:
$ id username
uid=1000(dockeruser) gid=1000(dockergroup) groups=1000(dockergroup)
Application Setup
The application can be accessed at:
By default the user/pass is abc/abc, if you change your password or want to login manually to the GUI session for any reason use the following link:
In order to dump from an interface you will need to pass NET_ADMIN
at a minimum, optionally you can use host networking to capture from your host level device or specify a Docker network you want to capture from.
If you do not specificy host networking you will need to map port 3000 with -p 3000:3000
.
Support Info
- Shell access whilst the container is running:
docker exec -it wireshark /bin/bash
- To monitor the logs of the container in realtime:
docker logs -f wireshark
- Container version number
docker inspect -f '{{ index .Config.Labels "build_version" }}' wireshark
- Image version number
docker inspect -f '{{ index .Config.Labels "build_version" }}' linuxserver/wireshark
Versions
- 31.03.20: - Initial release.