Docker Container's network interface in promiscuous mode
I am able to get it working with the below command while creating the container, as I decided to switch off to listen for all traffic:
administrator@gitlabrunner-prod01:~$ docker run --rm --privileged -t -d -p 23:22 --name ubuntu ubuntu
Aenon
Updated on June 09, 2022
compose a 3 services architecture and a virtual bridged network on which the three services are attached. I want one of the containers to be able to listen to all the traffic within the virtual network (promiscuous mode). Is it possible? I've tried almost everything but nothing seems to be working.
What I've tried:
- Giving full privileges to the container
- Setting the container eth0 interface to promiscuous (ifconfig eth0 promisc)
- restart the network manager inside the container
- setting the veth relative to container in promiscuous mode from the host machine
- modify the mode from "bridge" to "passthru" in the macvlan configuration from the pipework script
- setting the container as gateway in the network properties of the docker-compose file
Many of the above attempts result in the container's eth0 interface "thinking" it is in promiscuous mode; in fact both ifconfig and syslog (from the host) say it is, but the container still sees only its own traffic.
I'm using Docker 1.11 and the base image inside the container is Ubuntu 14.04:latest.
My docker-compose file is listed below. Thanks in advance.
docker-compose.yml
version: '2'
networks:
  snort_net:
    driver: bridge
    ipam:
      driver: default
      config:
        - subnet: 172.19.0.0/24
          gateway: 172.19.0.3
services:
  mysql:
    build:
      context: .
      dockerfile: MySql/MySqlFile
    environment:
      - MYSQL_ALLOW_EMPTY_PASSWORD=yes
    networks:
      snort_net:
        ipv4_address: 172.19.0.2
  snort:
    build:
      context: .
      dockerfile: Snort/SnortFile
    depends_on:
      - snorby
    env_file:
      - Snort/snort_variables.env
    networks:
      snort_net:
        ipv4_address: 172.19.0.3
    expose:
      - "80"
      - "21"
    ports:
      - "10100:80"
      - "10101:80/udp"
      - "21:21"
    cap_add:
      - NET_ADMIN
    privileged: true
  snorby:
    build:
      context: .
      dockerfile: Snorby/SnorbyFile
    depends_on:
      - mysql
    env_file:
      - Snorby/snorby_variables.env
    networks:
      snort_net:
        ipv4_address: 172.19.0.4
    ports:
      - "3000:3000"
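
Added example, not part of the original post: a small Python model of a learning bridge, which is how the Linux bridge behind Docker's `bridge` driver forwards frames, showing why a promiscuous eth0 still receives only broadcasts and traffic addressed to it. The MAC addresses and sample traffic are constructed, and `LearningBridge` and `frames_seen_by` are hypothetical names.

```python
# Added illustration: minimal model of a learning bridge. All values are constructed.
BROADCAST = "ff:ff:ff:ff:ff:ff"
# Constructed MACs for the three services in the compose file above.
MAC = {"mysql": "02:42:ac:13:00:02", "snort": "02:42:ac:13:00:03",
       "snorby": "02:42:ac:13:00:04"}


class LearningBridge:
    def __init__(self, ports, learning=True):
        self.ports = set(ports)
        self.learning = learning  # False models a bridge that floods like a hub
        self.fdb = {}             # forwarding database: source MAC -> port

    def forward(self, in_port, src, dst):
        """Return the set of ports the bridge delivers this frame to."""
        if self.learning:
            self.fdb[src] = in_port
        out = self.fdb.get(dst)
        if dst == BROADCAST or out is None:
            return self.ports - {in_port}  # broadcast / unknown unicast: flood
        return set() if out == in_port else {out}


def frames_seen_by(bridge, sniffer, traffic):
    """Frames that reach the sniffer's port. Promiscuous mode on the sniffer's
    NIC only means it accepts whatever is delivered; it does not change what
    the bridge chooses to deliver."""
    return [(src, dst) for in_port, src, dst in traffic
            if sniffer in bridge.forward(in_port, src, dst)]


# Constructed exchange between snorby and mysql: ARP request, then unicast.
TRAFFIC = [
    ("snorby", MAC["snorby"], BROADCAST),
    ("mysql", MAC["mysql"], MAC["snorby"]),
    ("snorby", MAC["snorby"], MAC["mysql"]),
    ("mysql", MAC["mysql"], MAC["snorby"]),
]

if __name__ == "__main__":
    for learning in (True, False):
        seen = frames_seen_by(LearningBridge(MAC, learning), "snort", TRAFFIC)
        print(f"learning={learning}: snort sees {len(seen)} of {len(TRAFFIC)} frames")
```

In this model the sniffer only sees the unicast conversation when the bridge itself floods frames, which is why flipping the promiscuous flag on the container side alone changes nothing.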