maltrail icon indicating copy to clipboard operation
maltrail copied to clipboard
verified publisher icon stamparm

Traffic not being recorded in docker

Open irajic opened this issue 11 months ago • 5 comments

Hi,

I was installing Maltrail, just for demonstration purposes, in docker on VirtualBox with clean Debian 12.7 following commands given at https://github.com/stamparm/maltrail/tree/master/docker, but there was no /var/log/maltrail/$(date +"%Y-%m-%d").log file and it didn't seem to capture any traffic. I tried with commands nslookup morphed.ru and ping -c 1 136.161.101.53.

I updated the Dockerfile because it seems to me that there is some trouble with properly executing command pip3 install pcapy-ng (but there was no warning or error of any kind while building the container).

Adding apt-get install net-tools iproute2 curl and pip3 install --upgrade pip setuptools wheel to the Dockerfile seems to get rid of the issue and now I see logs and traffic in UI.

If you have the time, can you maybe checkout what exactly happened?

irajic avatar Jan 23 '25 09:01 irajic

Hello!

A little bit chaotic description, as for me... Could you, please, attach your current Dockerfile configuration file, which works OK? Thnx!

MikhailKasimov avatar Jan 23 '25 11:01 MikhailKasimov

Hi, yes sorry for that. If I can clarify you any specific part let me know.

Here is the Dockerfile.

Dockerfile.txt

irajic avatar Jan 23 '25 12:01 irajic

@stamparm Take a look, please. Perhaps, something should be updated from our side?

MikhailKasimov avatar Jan 24 '25 08:01 MikhailKasimov

I had to use network_mode: host for the container to see the interfaces.

ki9us avatar Jul 10 '25 14:07 ki9us

I had to use network_mode: host for the container to see the interfaces.

Some patch needed for htps://github.com/stamparm/maltrail/blob/master/docker/Dockerfile file?

MikhailKasimov avatar Jul 10 '25 14:07 MikhailKasimov