Docker Network Traffic Analyzer

Docker application to analyze network traffic using Wireshark, accessed via a web browser.

Check out the repository from GitHub and create an HAProxy config file based on the template:

git clone https://github.com/ffeldhaus/docker-network-traffic-analyzer.git
cd docker-network-traffic-analyzer
cp haproxy.cfg.template haproxy.cfg

Review the haproxy.cfg file and configure which ports should accept traffic and to which servers the traffic should be forwarded. The file includes examples for proxying HTTP to HTTPS, HTTP, NFS and SMB, but arbitrary TCP-based services can be configured. Uncomment the lines of the services you want to expose and change the name and address of the service endpoint (e.g. HTTPS server, NFS server or SMB server).

Review the docker-compose.yml file and add or uncomment the port mapping for all ports you want to expose.
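
The two review steps above have to agree: a port bound in haproxy.cfg that is not published in docker-compose.yml never receives traffic. The following check is an added example, not part of this repository; it assumes plain `bind <addr>:<port>` lines and short-syntax `ports:` entries, and the sample files, service names and addresses in it are constructed.

```bash
#!/usr/bin/env bash
# Added example: ports that haproxy.cfg binds but docker-compose.yml does not publish.

# Ports from active (uncommented) "bind" lines such as "bind *:445" or "bind :80,:8080".
haproxy_bind_ports() {
  sed 's/#.*//' "$1" | awk '$1 == "bind" {
      n = split($2, a, ",")
      for (i = 1; i <= n; i++) { sub(/.*:/, "", a[i]); if (a[i] ~ /^[0-9]+$/) print a[i] }
    }' | sort -un
}

# Container-side ports from short-syntax entries ("80:80", "127.0.0.1:8080:80/tcp")
# listed under any "ports:" key.
compose_container_ports() {
  sed 's/#.*//' "$1" | awk '
    /^[ \t]*ports:[ \t]*$/ { inports = 1; next }
    inports && /^[ \t]*-/  { sub(/\/.*/, ""); gsub(/[^0-9:]/, "")
                             n = split($0, f, ":"); if (f[n] != "") print f[n]; next }
    NF                     { inports = 0 }' | sort -un
}

# Usage: unpublished_ports haproxy.cfg docker-compose.yml
unpublished_ports() {
  published=$(compose_container_ports "$2")
  for p in $(haproxy_bind_ports "$1"); do
    printf '%s\n' "$published" | grep -qx "$p" || echo "$p"
  done
}

# Constructed sample inputs (not the repository's real files; names are assumptions).
demo_dir=$(mktemp -d)
cat > "$demo_dir/haproxy.cfg" <<'EOF'
listen http
    bind *:80
    server web 192.0.2.10:80   # placeholder address
#listen nfs
#    bind *:2049
listen smb
    bind *:445
    server smb 192.0.2.20:445
EOF
cat > "$demo_dir/docker-compose.yml" <<'EOF'
services:
  haproxy:
    ports:
      - "80:80"
      # - "445:445"
EOF
unpublished_ports "$demo_dir/haproxy.cfg" "$demo_dir/docker-compose.yml"   # prints 445
```

Run it against the real files with `unpublished_ports haproxy.cfg docker-compose.yml`; empty output means every bound port has a mapping.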

Start the docker application with

docker-compose up

Access Wireshark via

https://<hostname>:14500/?username=wireshark&password=wireshark

If you want to share access to your Wireshark session, use

https://<hostname>:14500/?username=wireshark&password=wireshark&sharing=true

The application can be stopped with

docker-compose down

To stop the application and delete the docker containers use

docker-compose down -v