Requirement: I pulled a private Docker image, and the project code deployed in it is closed-source. How can I capture the container's network traffic and analyze its behavior? I don't want to install software on the host machine, to avoid contaminating the system.
Tcpdump
tcpdump is a command-line network packet analysis tool that runs on Unix-like systems. It captures and analyzes data packets flowing over network interfaces and displays them in a readable format, including source and destination addresses, ports, protocol types, and more. It also supports various filtering options, making it easy for users to filter packets based on specific needs.
Netshoot
Netshoot is a Docker + Kubernetes network troubleshooting Swiss Army knife container. Docker and Kubernetes network troubleshooting can be very complex. With a proper understanding of how Docker and Kubernetes networking works and the right toolset, you can troubleshoot and resolve these network issues. The netshoot container has a powerful set of network troubleshooting tools that can be used to troubleshoot Docker network issues. In addition to these tools, the project also provides a range of use cases that demonstrate how the container can be used in real-world scenarios.
Netshoot includes: apache2-utils, bash, bind-tools, bird, bridge-utils, busybox-extras, conntrack-tools, curl, dhcping, drill, ethtool, file, fping, iftop, iperf, iperf3, iproute2, ipset, iptables, iptraf-ng, iputils, ipvsadm, httpie, jq, libc6-compat, liboping, ltrace, mtr, net-snmp-tools, netcat-openbsd, nftables, ngrep, nmap, nmap-nping, nmap-scripts, openssl, py3-pip, py3-setuptools, scapy, socat, speedtest-cli, openssh, oh-my-zsh, strace, tcpdump, tcptraceroute, trippy, tshark, util-linux, vim, git, zsh, websocat, swaks, perl-crypt-ssleay, perl-net-ssleay
Using the tcpdump tool from Netshoot
Pull the Netshoot image and use the Tcpdump tool with the following command:
To view all network interfaces, the command is as follows:
Capture DNS packets with the following command:
To capture non-intranet traffic packets, that is, to exclude private IP address ranges (RFC 1918), the command is as follows:
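One way to script the captures described above, as an added example that is not the original post's commands. It assumes the public nicolaka/netshoot image and a hypothetical target container named "app"; the function names are illustrative, and "exclude RFC 1918" is implemented here as "skip packets whose source and destination are both private".

```shell
#!/bin/sh
# Added example, not the original post's commands. Assumptions: the public
# nicolaka/netshoot image; "app" is a hypothetical target container name.
NETSHOOT_IMAGE="${NETSHOOT_IMAGE:-nicolaka/netshoot}"
PRIVATE_NETS="10.0.0.0/8 172.16.0.0/12 192.168.0.0/16"   # RFC 1918

# any_private DIR (src|dst) -> "(DIR net A or DIR net B or DIR net C)"
any_private() {
    out=""
    for net in $PRIVATE_NETS; do
        out="${out:+$out or }$1 net $net"
    done
    printf '(%s)' "$out"
}

# Drop a packet only when BOTH endpoints are private. Excluding every packet
# that touches a private net would hide everything, because the container's
# own address (Docker's default bridge is usually 172.17.0.0/16) is private.
external_filter() {
    printf 'not (%s and %s)' "$(any_private src)" "$(any_private dst)"
}

# Named BPF filters: dns, external.
filter_for() {
    case "$1" in
        dns)      printf 'port 53' ;;
        external) external_filter ;;
        *)        echo "unknown filter: $1" >&2; return 1 ;;
    esac
}

# capture_cmd CONTAINER FILTER -> command line for review before running.
# --network container:NAME joins the target's network namespace, so tcpdump
# runs from a throwaway netshoot container and the host stays untouched.
# -nn disables name lookups so the capture adds no DNS traffic of its own.
capture_cmd() {
    f=$(filter_for "$2") || return 1
    printf "docker run --rm -it --network container:%s %s tcpdump -i any -nn '%s'" \
        "$1" "$NETSHOOT_IMAGE" "$f"
}

# Default is to do nothing; RUN=1 sh capture.sh app dns executes the capture.
if [ "${RUN:-0}" = "1" ]; then
    docker run --rm -it --network "container:${1:?container name}" \
        "$NETSHOOT_IMAGE" tcpdump -i any -nn "$(filter_for "${2:-dns}")"
fi
```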