Joona Heikkilä cxcorp

## wireshark-remote-capture-ssh-docker.md

      
        
          
            
              
              1 file
            
          
          
            
              
              0 forks
            
          
            
              
                
                0 comments
              
            
          
            
              
              0 stars
            
          
        
        
          
              
          
          
            
                cxcorp
                / wireshark-remote-capture-ssh-docker.md
            
            
              Created
              October 14, 2025 21:55
                — forked from milesrichardson/wireshark-remote-capture-ssh-docker.md
            
              
                bash command to open wireshark and capture packets in a remote docker container on a remote machine over SSH
              
          
        
      
        
  
      
    capture those packets

run this command on local machine where wireshark is installed (e.g. MacOS)
export raw_pcap="$(mktemp -t pcap-raw)" ; \
echo "Raw pcap: $raw_pcap" ; \
wireshark -k -i <(ssh ubuntu@my-cool-server.example.com '\
  docker run --rm \
 --net container:$(docker ps -qf name=haproxy) \