compose a 3-service architecture and a virtual bridged network to which the three services are attached. I want one of the containers to be able to listen to all the traffic within the virtual network (promiscuous mode). Is it possible? I've tried almost everything but nothing seems to be working.
What I've tried:
Many of the above attempts result in the container's eth0 interface "thinking" it is in promiscuous mode; in fact both ifconfig and syslog (from the host) say it is, but the container still sees only its own traffic.
I'm using Docker 1.11 and the base image inside the container is Ubuntu 14.04:latest
Below is my docker-compose file. Thanks in advance.
docker-compose.yml

```yaml
version: '2'
networks:
  snort_net:
    driver: bridge
    ipam:
      driver: default
      config:
        - subnet: 172.19.0.0/24
          gateway: 172.19.0.3   # same address as the snort service's ipv4_address below
services:
  mysql:
    build:
      context: .
      dockerfile: MySql/MySqlFile
    environment:
      - MYSQL_ALLOW_EMPTY_PASSWORD=yes
    networks:
      snort_net:
        ipv4_address: 172.19.0.2
  snort:
    build:
      context: .
      dockerfile: Snort/SnortFile
    depends_on:
      - snorby
    env_file:
      - Snort/snort_variables.env
    networks:
      snort_net:
        ipv4_address: 172.19.0.3
    expose:
      - "80"
      - "21"
    ports:
      - "10100:80"
      - "10101:80/udp"
      - "21:21"
    cap_add:
      - NET_ADMIN
    privileged: true
  snorby:
    build:
      context: .
      dockerfile: Snorby/SnorbyFile
    depends_on:
      - mysql
    env_file:
      - Snorby/snorby_variables.env
    networks:
      snort_net:
        ipv4_address: 172.19.0.4
    ports:
      - "3000:3000"
```
Promiscuous mode is a security policy which can be defined at the virtual switch or portgroup level in vSphere ESX/ESXi. A virtual machine, Service Console or VMkernel network interface in a portgroup which allows use of promiscuous mode can see all network traffic traversing the virtual switch.
You can create multiple networks with Docker and add containers to one or more networks. Containers can communicate within networks but not across networks. A container with attachments to multiple networks can connect with all of the containers on all of those networks.
Think of a Docker container as a lightweight isolated environment, akin to a virtual environment, where you can run a program/service. This service can run multiple threads, all launched from the parent program - it is still one service running on a single Docker container.
To create a macvlan network which bridges with a given physical network interface, use `--driver macvlan` with the `docker network create` command. You also need to specify the `parent`, which is the interface the traffic will physically go through on the Docker host.
I am able to get it working with the below command while creating the container, as I decided to switch off to listen for all traffic:
administrator@gitlabrunner-prod01:~$ docker run --rm --privileged -t -d -p 23:22 --name ubuntu ubuntu
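Why the promiscuous flag on the container's eth0 is not enough, and where the whole bridge can actually be captured, as an added shell example that is not part of the question or the answers above: a Docker bridge forwards unicast frames only to the port that owns the destination MAC, so setting IFF_PROMISC on one veth changes nothing, while the bridge device itself (br-<id> on the host) receives a copy of every switched frame once a capture tool puts it in promiscuous mode. Assumes a Linux Docker host with docker, iproute2 and tcpdump; the network name passed on the command line is the one compose derives from the project name (constructed, e.g. myproject_snort_net).

```shell
#!/bin/sh
# Added example (not from the question or its answers). Assumes a Linux
# Docker host with docker, iproute2 and tcpdump available.
set -eu

# Docker names the host-side bridge "br-" + the first 12 hex chars of the
# network id (the default bridge network is the exception, named docker0).
bridge_ifname() {
    printf 'br-%s' "$(printf '%s' "$1" | cut -c1-12)"
}

# IFF_PROMISC is bit 0x100 of /sys/class/net/<if>/flags. A set bit only
# means the interface accepts frames for other MACs; the bridge still
# forwards unicast frames only to the port owning the destination MAC,
# which is why a promiscuous container eth0 keeps seeing its own traffic.
is_promisc() {
    flags=$(( $1 ))
    [ $(( flags & 0x100 )) -ne 0 ]
}

# Resolve a compose network to its bridge, list the member veth ports and
# report the bridge's own promiscuous state. Run on the host (or from a
# container started with --net=host). Prints the bridge name last.
show_bridge() {
    br=$(bridge_ifname "$(docker network inspect -f '{{.Id}}' "$1")")
    echo "bridge: $br  ports: $(ls /sys/class/net/"$br"/brif | tr '\n' ' ')"
    if is_promisc "$(cat /sys/class/net/"$br"/flags)"; then
        echo "bridge device is promiscuous"
    else
        echo "bridge device is not promiscuous (a capture tool will set it)"
    fi
    echo "$br"
}

# Capture frames switched on that bridge. tcpdump (or snort -i "$br") puts
# the bridge device into promiscuous mode, so inter-container traffic is
# copied up to it instead of staying between the two veth ports.
sniff_bridge() {
    br=$(show_bridge "$1" | tail -n 1)
    tcpdump -i "$br" -nn -c 20
}

# usage: sh sniff_bridge.sh <compose-project>_snort_net
if [ "$#" -gt 0 ]; then
    sniff_bridge "$1"
fi
```

The same capture works from inside the IDS container only if that container shares the host network namespace (network_mode: host), because br-<id> does not exist inside the container's own namespace.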