Need to sniff packets in a Solaris Zone. Thanks in advance. asked 05 Aug '12, 12:16  Joe98765432s1 |
2 Answers:
I haven't tried it (and I don't have a zone'd system to try it on), but I don't see why it would not work. I'd suggest giving it a try. (If it doesn't work, try Solaris' snoop command.) answered 06 Aug '12, 06:05  JeffMorriss ♦ |
Within a non-global zone, you cannot switch interfaces in promiscuous mode (per default). Thus you cannot capture all packets in a non-global zone. To be able to capture, the zone needs the privilege net_rawaccess. Example:
However, if you sniff the interface (shared or exclusive) of non-global zones within the global zone, you should be able to see traffic of all zones that use this interface (use == have it mapped). It does not matter if you sniff with Wireshark or snoop. If you want to sniff within a zone, you must install Wireshark in that zone. If you want to sniff in the global zone, you must install Wireshark there. Regards answered 06 Aug '12, 14:49  Kurt Knochner ♦ |
