Docker Container's network interface in promiscuous mode

11,244

I am able to get it working with the command below while creating the container, as I decided to switch off to listen for all traffic:

administrator@gitlabrunner-prod01:~$ docker run --rm --privileged -t -d -p 23:22 --name ubuntu ubuntu
Author: Aenon

Updated on June 09, 2022

Comments

  • Aenon, almost 2 years ago

    compose a 3-service architecture and a virtual bridged network to which the three services are attached. I want one of the containers to be able to listen to all the traffic within the virtual network (promiscuous mode). Is it possible? I've tried almost everything, but nothing seems to be working.

    What I've tried:

    • Giving full privileges to the container
    • Setting the container's eth0 interface to promiscuous mode (ifconfig eth0 promisc)
    • Restarting the network manager inside the container
    • Setting the veth that belongs to the container to promiscuous mode from the host machine
    • Changing the mode from "bridge" to "passthru" in the macvlan configuration of the pipework script
    • Setting the container as the gateway in the network properties of the docker-compose file

    Many of the above attempts result in the container's eth0 interface "thinking" it is in promiscuous mode; in fact both ifconfig and syslog (on the host) say it is, but the container still sees only its own traffic.

    I'm using Docker 1.11 and the base image inside the container is Ubuntu 14.04:latest

    Below is my docker-compose file. Thanks in advance.

    docker-compose.yml

    version: '2'

    networks:
      snort_net:
        driver: bridge
        ipam:
          driver: default
          config:
            - subnet: 172.19.0.0/24
              # the gateway address is the one assigned to the snort service below
              gateway: 172.19.0.3

    services:
      mysql:
        build:
          context: .
          dockerfile: MySql/MySqlFile
        environment:
          - MYSQL_ALLOW_EMPTY_PASSWORD=yes
        networks:
          snort_net:
            ipv4_address: 172.19.0.2

      snort:
        build:
          context: .
          dockerfile: Snort/SnortFile
        depends_on:
          - snorby
        env_file:
          - Snort/snort_variables.env
        networks:
          snort_net:
            ipv4_address: 172.19.0.3
        expose:
          - "80"
          - "21"
        ports:
          - "10100:80"
          - "10101:80/udp"
          - "21:21"
        cap_add:
          - NET_ADMIN
        # privileged already grants every capability, so cap_add is redundant alongside it
        privileged: true

      snorby:
        build:
          context: .
          dockerfile: Snorby/SnorbyFile
        depends_on:
          - mysql
        env_file:
          - Snorby/snorby_variables.env
        networks:
          snort_net:
            ipv4_address: 172.19.0.4
        ports:
          - "3000:3000"
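Why the attempts listed in the question leave eth0 "promiscuous but blind", and what the `--privileged` workaround in the answer does not address: the Linux bridge behind a user-defined Docker network is a learning switch. A unicast frame from mysql to snorby is forwarded only to the port whose learned MAC matches, so it never reaches the snort container's veth, whatever flags eth0 carries. Promiscuous mode only changes which frames the interface accepts, not which frames the bridge delivers to it. Making the snort container the subnet gateway (172.19.0.3 in the compose file) does not help either: traffic between two hosts on the same subnet is delivered by MAC and never passes through the gateway. The script below is an added example, not code from the original question or answer. It derives the bridge name from the compose network ID, sets the bridge ageing time to 0 so every learned MAC counts as expired and every frame is flooded to every port (hub behaviour), and then enables promiscuous mode on the sniffer's eth0 using only CAP_NET_ADMIN, which the compose file already grants and which makes `privileged: true` unnecessary. The network name `snort_net`, the container name `snort` and the interface `eth0` are taken from the question and are assumptions; compose prefixes the network with the project name, so pass the real name from `docker network ls`. It also assumes `ip` (iproute2) exists inside the sniffer image and that the script runs as root on the Docker host.

```shell
#!/bin/sh
# Added example, not code from the original question or answer.
# Turns the compose bridge network into a hub so the sniffer container sees
# all traffic, and enables promisc with CAP_NET_ADMIN only (no --privileged).
#
# Assumed/hypothetical values: network "snort_net", sniffer container "snort",
# interface "eth0" (from the question). Compose normally prefixes the network
# with the project name, so pass the real name from `docker network ls`.
set -eu

# Docker names the Linux bridge behind a user-defined network "br-" followed by
# the first 12 hex characters of the network ID.
bridge_for_network_id() {
    printf 'br-%s\n' "$(printf '%s' "$1" | cut -c1-12)"
}

# IFF_PROMISC is bit 0x100 of the hex value in /sys/class/net/<if>/flags.
# Succeeds (exit 0) when the flag is set.
is_promisc_flags() {
    [ $(( $1 & 0x100 )) -ne 0 ]
}

# With ageing_time 0 every learned MAC is treated as already expired, so the
# bridge floods each unicast frame to every port (hub behaviour) instead of
# delivering it only to the port that owns the destination MAC.
enable_hub_mode() {
    ip link set dev "$1" type bridge ageing_time 0 \
        || brctl setageing "$1" 0      # fallback for older iproute2
}

# /sys/class/net/<bridge>/bridge/ageing_time reports the live value; 0 confirms
# the kernel accepted hub mode rather than clamping it to a minimum.
verify_hub_mode() {
    [ "$(cat "/sys/class/net/$1/bridge/ageing_time")" = "0" ]
}

# Run on the Docker host as root: make the bridge flood, then let the sniffer's
# interface accept frames that are not addressed to it.
sniff_compose_network() {
    net=$1; sniffer=$2; ifname=${3:-eth0}
    netid=$(docker network inspect -f '{{.Id}}' "$net")
    br=$(bridge_for_network_id "$netid")

    enable_hub_mode "$br"
    verify_hub_mode "$br" || { echo "bridge $br did not accept ageing_time 0" >&2; return 1; }

    # ip(8) inside the container needs CAP_NET_ADMIN (cap_add: [NET_ADMIN]);
    # privileged: true is not required for this.
    docker exec "$sniffer" ip link set "$ifname" promisc on
    flags=$(docker exec "$sniffer" cat "/sys/class/net/$ifname/flags")
    is_promisc_flags "$flags" || { echo "$sniffer:$ifname is not promiscuous" >&2; return 1; }
    echo "$sniffer:$ifname promiscuous on hub-mode bridge $br"
}

# Only touch the host when explicitly asked: SNIFF_APPLY=1 sh sniff.sh
if [ "${SNIFF_APPLY:-0}" = "1" ]; then
    sniff_compose_network snort_net snort eth0
fi
```

Two caveats a practitioner should weigh before using this. Hub mode is a deliberate weakening of the isolation the bridge normally gives: after it is enabled, any other container on the same network that holds CAP_NET_ADMIN can turn on promisc and read the same traffic, so grant that capability only to the sensor. And the setting lives on the host bridge, not in the compose file, so it is lost when the network is recreated (for example by `docker-compose down`); rerun the script afterwards, and keep `privileged: true` out of the sensor's service definition since it is not what makes capture work.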