tcpdump docker traffic

Tiny howto, so don’t need to look this up as often. In order to tcpdump your own docker traffic, you will need to identify the appropriate interface first:

# docker network ls
NETWORK ID      NAME                      DRIVER              SCOPE
15a300de        bridge                    bridge              local
88d8d7d1        nextcloud_default         bridge              local

From that, we get the network ID. This will be included (at least partly) in the interface name, so we’ll just take the first few characters and grep:

# ip addr | grep 88d8b
9: br-88d8d7d1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default

this gives us the full interface name (ok, basically this is just “br-” followed by the network ID).

We can then just use tcpdump any way we like:

tcpdump -i br-88d8d7d1

Leave a Reply


Author

Claudius Coenen is a tech-enthusiast. He's writing on all kinds of topics, including programming, technology, gadgets and media.

This site features his occasional articles, findings, documentations.

Categories

Connect

RSS Recent Bookmarks

Legal