-
Notifications
You must be signed in to change notification settings - Fork 239
Using tcpconnect to track TCP proxy connections
Christophe Fergeau edited this page Feb 25, 2020
·
1 revision
Create an image with this Dockerfile
FROM docker.io/library/centos:latest
RUN yum install -y bcc-tools http://download.eng.bos.redhat.com/brewroot/vol/rhel-8/packages/kernel/4.18.0/147.3.1.el8_1/x86_64/kernel-devel-4.18.0-147.3.1.el8_1.x86_64.rpm http://download.eng.bos.redhat.com/brewroot/vol/rhel-8/packages/kernel/4.18.0/147.3.1.el8_1/x86_64/kernel-headers-4.18.0-147.3.1.el8_1.x86_64.rpm
ENTRYPOINT ["/usr/share/bcc/tools/tcpconnect"]
The kernel-devel/kernel-headers versions must exactly match the one used by CoreOS from the crc bundle
Image creation/publishing is
podman build -t bcc-tcpconnect $dockerfile_dir/ .
podman push localhost/bcc-tcpconnect quay.io/teuf/experiments:147.3.1.el8_1
Then after running crc start, you can run (possibly as soon as ssh is up in the VM):
ssh -o StrictHostKeyChecking=no, -o UserKnownHostsFile=/dev/null -i ~/.crc/machines/crc/id_rsa [email protected] sudo podman run --privileged -v /lib/modules:/lib/modules:ro quay.io/teuf/experiments:4.18.0-147.3.1.el8_1