How to capture packets for single docker container
First, get
pidof the container you are interested indocker inspect --format "{{ .State.Pid }}" "$CONTAINER_ID"Then enter the same network namespace
nsenter -n -t "$PID"Finally, run
tcpdump
From and for a workstation with Wireshark:
docker exec -ti <container id> cat /sys/class/net/eth0/iflink
28
ip link | grep 28
28: veth11b0a6c@if27: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP mode DEFAULT group default
You can bind to the network namespace of one container to another:
docker run -it --rm --net container:<container_name> \
nicolaka/netshoot tcpdump ...
To see more about the netshoot image used above, see: https://github.com/nicolaka/netshoot