Hello everybody
On my linux server (Pi4, Raspian) I run a lot of docker container. Now I want do analyse them with wireshark and here I have a problem, where I dont find the solution. Hope you can help me.
If I run the container in brigde mode with puplish port 3000, it works and I can connect to it, but of cource I can´t connect to the host network. And if I run the container in host mode I cant access to it. On portscan I only see Port 3350 gets opend, but no connection is possible. Other container in host mode works fine. The the log file don´t shown any interessting.
So the Question: Why in brigde mode port 3000 ins forwarded and in host mode port 3000 isn´t open? Therefor port 3350 is open but why i cant connect to it?
Any help welcome!
Grettings Mili
please share your compose, the container logs (they start with our ascii logo) and the output of uname -mr && docker version
Docker compose:
version: "2.1"
services:
wireshark:
image: lscr.io/linuxserver/wireshark:latest
container_name: wireshark
cap_add:
- NET_ADMIN
network_mode: host
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/London
volumes:
- /home/pi/wireshark:/config
restart: unless-stopped
Log:
[migrations] started
[migrations] no migrations found
usermod: no changes
-------------------------------------
_ ()
| | ___ _ __
| | / __| | | / \
| | \__ \ | | | () |
|_| |___/ |_| \__/
Brought to you by linuxserver.io
-------------------------------------
To support LSIO projects visit:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------
User uid: 1000
User gid: 1000
-------------------------------------
[custom-init] No custom files found, skipping...
In the log file with port 3000, after the same output, comes:
guacd[178]: INFO: Guacamole proxy daemon (guacd) version 1.1.0 started
guacd[178]: INFO: Listening on host 0.0.0.0, port 4822
guacd[178]: INFO: Guacamole connection closed during handshake
Starting guacamole-lite websocket server
listening on *:3000
[guac-init] Auto start not set, application start on login
[ls.io-init] done.
Output of uname -mr && docker version
5.10.103-v7l+ armv7l
Client: Docker Engine - Community
Version: 20.10.22
API version: 1.41
Go version: go1.18.9
Git commit: 3a2c30b
Built: Thu Dec 15 22:27:56 2022
OS/Arch: linux/arm
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.22
API version: 1.41 (minimum version 1.12)
Go version: go1.18.9
Git commit: 42c8b31
Built: Thu Dec 15 22:25:44 2022
OS/Arch: linux/arm
Experimental: false
containerd:
Version: 1.6.13
GitCommit: 78f51771157abb6c9ed224c22013cdf09962315d
runc:
Version: 1.1.4
GitCommit: v1.1.4-0-g5fd4c4d
docker-init:
Version: 0.19.0
GitCommit: de40ad0
In host mode the websocket server isn´t started, but why?
Any ideas?
If I use
version: "2.1"
services:
wireshark-host:
image: lscr.io/linuxserver/wireshark:latest
container_name: wireshark-host
cap_add:
- NET_ADMIN
security_opt:
- seccomp:unconfined #optional
#network_mode: host
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/London
volumes:
- /home/pi/wireshark:/config
ports:
- 3000:3000 #optional
restart: unless-stopped
Websocket server starts correct and I can access on Port 3000 - but no host network
version: "2.1"
services:
wireshark-host:
image: lscr.io/linuxserver/wireshark:latest
container_name: wireshark-host
cap_add:
- NET_ADMIN
security_opt:
- seccomp:unconfined #optional
network_mode: host
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/London
volumes:
- /home/pi/wireshark:/config
ports:
- 3000:3000 #optional
restart: unless-stopped
No websocket server is started and I can´t access
Please, I need a tipp!
have you tried putting the seccomp into your compose with host mode? I suspect with a 32bit OS you will definitely want this (and you need to start planning to move to 64bit)
er i see in your update you show a compose with it, but you don’t show any logs with it. I’ve tested your compose locally, but i have no 32bit machines, in my case it worked fine.
Still the same …
version: "2.1"
services:
wireshark-host:
image: ghcr.io/linuxserver/wireshark:latest
container_name: wireshark-host
cap_add:
- NET_ADMIN
security_opt:
- seccomp:unconfined #optional
network_mode: host
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/London
volumes:
- /home/pi/wireshark:/config
ports:
- 3000:3000 #optional
restart: unless-stopped
[custom-init] No custom services found, skipping...
[migrations] started
[migrations] no migrations found
-------------------------------------
_ ()
| | ___ _ __
| | / __| | | / \
| | \__ \ | | | () |
|_| |___/ |_| \__/
Brought to you by linuxserver.io
-------------------------------------
To support LSIO projects visit:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------
User uid: 1000
User gid: 1000
-------------------------------------
Generating 2048 bit rsa key...
ssl_gen_key_xrdp1 ok
saving to rsakeys.ini
Generating a RSA private key
...........+++++
.................................................+++++
writing new private key to '/etc/xrdp/key.pem'
-----
[custom-init] No custom files found, skipping...
version: "2.1"
services:
wireshark-host:
image: ghcr.io/linuxserver/wireshark:latest
container_name: wireshark-host
cap_add:
- NET_ADMIN
security_opt:
- seccomp:unconfined #optional
#network_mode: host
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/London
volumes:
- /home/pi/wireshark:/config
ports:
- 3000:3000 #optional
restart: unless-stopped
[custom-init] No custom services found, skipping...
[migrations] started
[migrations] no migrations found
-------------------------------------
_ ()
| | ___ _ __
| | / __| | | / \
| | \__ \ | | | () |
|_| |___/ |_| \__/
Brought to you by linuxserver.io
-------------------------------------
To support LSIO projects visit:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------
User uid: 1000
User gid: 1000
-------------------------------------
Generating 2048 bit rsa key...
ssl_gen_key_xrdp1 ok
saving to rsakeys.ini
Generating a RSA private key
.............................+++++
................................................................................+++++
writing new private key to '/etc/xrdp/key.pem'
-----
[custom-init] No custom files found, skipping...
guacd[185]: INFO: Guacamole proxy daemon (guacd) version 1.1.0 started
guacd[185]: INFO: Listening on host 0.0.0.0, port 4822
guacd[185]: INFO: Guacamole connection closed during handshake
Starting guacamole-lite websocket server
listening on *:3000
[guac-init] Auto start not set, application start on login
[ls.io-init] done.
Guacamole websocket don´t start in host mode …
I get crasy!