
...

(Example) When NetFlow, sFlow, network logs, and similar data are collected in a container, Docker's iptables must be enabled in order to record the IP of the device that generated the data.

Test Commands

Docker Host (134.75.zzz.250)

...

The source IP is rewritten to 172.17.0.1, the IP of the docker0 interface, before the traffic is delivered to the container.

# tcpdump -i any -nn 'port 8000 or port 80'
16:43:39.818690 eth0         In   IP 210.107.xx.yy.65282 > 134.75.zzz.250.80   : Flags [S] , seq 773619036, win 65535, ... , length 0
16:43:39.818725 eth0         Out  IP 134.75.zzz.250.80   > 210.107.xx.yy.65282 : Flags [S.], seq 3116599210, ack 773619037, win 62636, ... , length 0
16:43:39.820786 eth0         In   IP 210.107.xx.yy.65282 > 134.75.zzz.250.80   : Flags [.] , ack 1, win 2051, ... , length 0
16:43:39.822161 docker0      Out  IP 172.17.0.1.52220    > 172.17.0.2.8000     : Flags [S] , seq 30794580, win 64240, ... , length 0
16:43:39.822162 veth30acbdc  Out  IP 172.17.0.1.52220    > 172.17.0.2.8000     : Flags [S] , seq 30794580, win 64240, ... , length 0
16:43:39.822175 veth30acbdc  P    IP 172.17.0.2.8000     > 172.17.0.1.52220    : Flags [S.], seq 2014184389, ack 30794581, win 65160, ... , length 0
16:43:39.822176 docker0      In   IP 172.17.0.2.8000     > 172.17.0.1.52220    : Flags [S.], seq 2014184389, ack 30794581, win 65160, ... , length 0
16:43:39.822187 docker0      Out  IP 172.17.0.1.52220    > 172.17.0.2.8000     : Flags [.] , ack 1, win 502, ... , length 0
16:43:39.822188 veth30acbdc  Out  IP 172.17.0.1.52220    > 172.17.0.2.8000     : Flags [.] , ack 1, win 502, ... , length 0
16:43:39.822498 eth0         In   IP 210.107.xx.yy.65282 > 134.75.zzz.250.80   : Flags [P.], seq 1:78, ack 1, win 2051, ... , length 77
16:43:39.822517 eth0         Out  IP 134.75.zzz.250.80   > 210.107.xx.yy.65282 : Flags [.] , ack 78, win 489, ... , length 0
16:43:39.822556 docker0      Out  IP 172.17.0.1.52220    > 172.17.0.2.8000     : Flags [P.], seq 1:78, ack 1, win 502, ... , length 77
16:43:39.822578 veth30acbdc  Out  IP 172.17.0.1.52220    > 172.17.0.2.8000     : Flags [P.], seq 1:78, ack 1, win 502, ... , length 77
16:43:39.822595 veth30acbdc  P    IP 172.17.0.2.8000     > 172.17.0.1.52220    : Flags [.] , ack 78, win 509, ... , length 0
16:43:39.822598 docker0      In   IP 172.17.0.2.8000     > 172.17.0.1.52220    : Flags [.] , ack 78, win 509, ... , length 0
16:43:39.822949 veth30acbdc  P    IP 172.17.0.2.8000     > 172.17.0.1.52220    : Flags [P.], seq 1:212, ack 78, win 509, ... , length 211
16:43:39.822957 docker0      In   IP 172.17.0.2.8000     > 172.17.0.1.52220    : Flags [P.], seq 1:212, ack 78, win 509, ... , length 211
16:43:39.822982 docker0      Out  IP 172.17.0.1.52220    > 172.17.0.2.8000     : Flags [.] , ack 212, win 501, ... , length 0
16:43:39.822986 veth30acbdc  Out  IP 172.17.0.1.52220    > 172.17.0.2.8000     : Flags [.] , ack 212, win 501, ... , length 0
16:43:39.823024 veth30acbdc  P    IP 172.17.0.2.8000     > 172.17.0.1.52220    : Flags [F.], seq 212:651, ack 78, win 509, ... , length 439
16:43:39.823026 docker0      In   IP 172.17.0.2.8000     > 172.17.0.1.52220    : Flags [F.], seq 212:651, ack 78, win 509, ... , length 439
16:43:39.823030 eth0         Out  IP 134.75.zzz.250.80   > 210.107.xx.yy.65282 : Flags [P.], seq 1:212, ack 78, win 489, ... , length 211
16:43:39.823045 eth0         Out  IP 134.75.zzz.250.80   > 210.107.xx.yy.65282 : Flags [P.], seq 212:651, ack 78, win 489, ... , length 439
16:43:39.823057 eth0         Out  IP 134.75.zzz.250.80   > 210.107.xx.yy.65282 : Flags [F.], seq 651, ack 78, win 489, ... , length 0
16:43:39.827674 eth0         In   IP 210.107.xx.yy.65282 > 134.75.zzz.250.80   : Flags [.] , ack 212, win 2048, ... , length 0
16:43:39.827784 eth0         In   IP 210.107.xx.yy.65282 > 134.75.zzz.250.80   : Flags [.] , ack 652, win 2041, ... , length 0
16:43:39.828173 eth0         In   IP 210.107.xx.yy.65282 > 134.75.zzz.250.80   : Flags [F.], seq 78, ack 652, win 2048, ... , length 0
16:43:39.828179 eth0         Out  IP 134.75.zzz.250.80   > 210.107.xx.yy.65282 : Flags [.] , ack 79, win 489, ... , length 0
16:43:39.828236 docker0      Out  IP 172.17.0.1.52220    > 172.17.0.2.8000     : Flags [F.], seq 78, ack 652, win 501, ... , length 0
16:43:39.828238 veth30acbdc  Out  IP 172.17.0.1.52220    > 172.17.0.2.8000     : Flags [F.], seq 78, ack 652, win 501, ... , length 0
16:43:39.828254 veth30acbdc  P    IP 172.17.0.2.8000     > 172.17.0.1.52220    : Flags [.] , ack 79, win 509, ... , length 0
16:43:39.828255 docker0      In   IP 172.17.0.2.8000     > 172.17.0.1.52220    : Flags [.] , ack 79, win 509, ... , length 0
^C
32 packets captured
34 packets received by filter
0 packets dropped by kernel
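
The following check is an added example, not part of the original page: it parses `tcpdump -i any -nn` output in the layout shown above and reports whether the source address delivered to the container on docker0 is a real client address. The function name, the default interface names and the second capture (constructed, showing the client address kept intact) are assumptions for illustration.

```python
import re

# Layout of the `tcpdump -i any -nn` lines above:
# time, interface, direction, "IP", src.port > dst.port
LINE = re.compile(r"^\S+\s+(?P<iface>\S+)\s+(?P<dir>In|Out|P)\s+IP\s+"
                  r"(?P<src>\S+)\.(?P<sport>\d+)\s+>\s+(?P<dst>\S+)\.(?P<dport>\d+)\s*:")

def source_ip_report(capture, host_iface="eth0", bridge_iface="docker0", container_port=8000):
    """Compare clients seen on the host NIC with the sources delivered to the container."""
    clients, delivered = set(), set()
    for line in capture.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # skips the command line, "^C" and the summary counters
        if m["iface"] == host_iface and m["dir"] == "In":
            clients.add(m["src"])
        elif (m["iface"] == bridge_iface and m["dir"] == "Out"
              and int(m["dport"]) == container_port):
            delivered.add(m["src"])
    return {
        "clients": sorted(clients),
        "delivered": sorted(delivered),
        # Preserved only if every address handed to the container is a real client address
        "preserved": bool(delivered) and delivered <= clients,
    }

# Three lines taken from the capture above (source IP rewritten to docker0's address).
PROXIED = """\
16:43:39.818690 eth0         In   IP 210.107.xx.yy.65282 > 134.75.zzz.250.80   : Flags [S] , seq 773619036, win 65535, ... , length 0
16:43:39.822161 docker0      Out  IP 172.17.0.1.52220    > 172.17.0.2.8000     : Flags [S] , seq 30794580, win 64240, ... , length 0
16:43:39.822162 veth30acbdc  Out  IP 172.17.0.1.52220    > 172.17.0.2.8000     : Flags [S] , seq 30794580, win 64240, ... , length 0
"""

# Constructed lines (not from the page): the same SYN forwarded with the client address intact.
FORWARDED = """\
16:50:00.000001 eth0         In   IP 210.107.xx.yy.65283 > 134.75.zzz.250.80   : Flags [S] , seq 1, win 65535, ... , length 0
16:50:00.000002 docker0      Out  IP 210.107.xx.yy.65283 > 172.17.0.2.8000     : Flags [S] , seq 1, win 65535, ... , length 0
"""

if __name__ == "__main__":
    for name, cap in (("proxied", PROXIED), ("forwarded", FORWARDED)):
        print(name, source_ip_report(cap))
```

A result with `preserved` set to `False` means a collector in the container would attribute every flow or log record to the `delivered` address instead of the device that sent it.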