jgraglia/dshark.sh

## dshark.sh
#https://github.com/crccheck/docker-tcpdump
#docker ps format help https://docs.docker.com/engine/reference/commandline/ps/#format
# IPT : https://github.com/ruyadorno/ipt
function dshark {
	if [ $# == 0 ]; then
		CONTAINER=`docker ps --format='table {{.ID}} | {{.Names}} | {{.Command}}' | ipt | cut -d '|' -f 1`
		if [ "$$CONTAINER" == "" ]; then
			echo "Missing docker container: $CONTAINER"
			return 1
		fi
	else
		CONTAINER=$1
	fi
	echo "Will launch Wireshark capture on container $CONTAINER"
	docker ps --filter "id=$CONTAINER"
	docker run --rm --net=container:$CONTAINER crccheck/tcpdump -i any --immediate-mode -w - | wireshark -k -i -
}
	#https://github.com/crccheck/docker-tcpdump
	#docker ps format help https://docs.docker.com/engine/reference/commandline/ps/#format
	# IPT : https://github.com/ruyadorno/ipt
	function dshark {
	if [ $# == 0 ]; then
	CONTAINER=`docker ps --format='table {{.ID}} \| {{.Names}} \| {{.Command}}' \| ipt \| cut -d '\|' -f 1`
	if [ "$$CONTAINER" == "" ]; then
	echo "Missing docker container: $CONTAINER"
	return 1
	fi
	else
	CONTAINER=$1
	fi
	echo "Will launch Wireshark capture on container $CONTAINER"
	docker ps --filter "id=$CONTAINER"
	docker run --rm --net=container:$CONTAINER crccheck/tcpdump -i any --immediate-mode -w - \| wireshark -k -i -
	}