jgraglia · March 17, 2016 13:05
diff --git a/dshark.sh b/dshark.sh
 #https://github.com/crccheck/docker-tcpdump
 #docker ps format help https://docs.docker.com/engine/reference/commandline/ps/#format
 # IPT : https://github.com/ruyadorno/ipt
 function dshark {
 	if [ $# == 0 ]; then
 		CONTAINER=`docker ps --format='table {{.ID}} | {{.Names}} | {{.Command}}' | ipt | cut -d '|' -f 1`
 		if [ "$$CONTAINER" == "" ]; then
 			echo "Missing docker container: $CONTAINER"
 			return 1
 		fi
 	else 
 		CONTAINER=$1
 	fi
 	echo "Will launch Wireshark capture on container $CONTAINER"
 	docker ps --filter "id=$CONTAINER"
 	docker run --rm --net=container:$CONTAINER crccheck/tcpdump -i any --immediate-mode -w - | wireshark -k -i -
 }
	#https://github.com/crccheck/docker-tcpdump
	#docker ps format help https://docs.docker.com/engine/reference/commandline/ps/#format
	# IPT : https://github.com/ruyadorno/ipt
	function dshark {
	if [ $# == 0 ]; then
	CONTAINER=`docker ps --format='table {{.ID}} \| {{.Names}} \| {{.Command}}' \| ipt \| cut -d '\|' -f 1`
	if [ "$$CONTAINER" == "" ]; then
	echo "Missing docker container: $CONTAINER"
	return 1
	fi
	else
	CONTAINER=$1
	fi
	echo "Will launch Wireshark capture on container $CONTAINER"
	docker ps --filter "id=$CONTAINER"
	docker run --rm --net=container:$CONTAINER crccheck/tcpdump -i any --immediate-mode -w - \| wireshark -k -i -
	}