[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: capture VM network traffic
|
From: |
Jakob Bohm |
|
Subject: |
Re: capture VM network traffic |
|
Date: |
Fri, 20 Dec 2024 18:20:42 +0100 |
|
User-agent: |
Mozilla Thunderbird |
Hi,
If the network settings on the qemu command line sends the traffic
through a Linux kernel "bridge" device such as br0, running the capture
tool on the host watching that bridge device should capture everything.
Each of the other network attachment options will need a different
configuration, but in general, running the capture tool outside the VM
prevents programs inside the VM from interfering .
If you want the capture tool to see only the VM traffic, setting up a
dedicated bridge device for just that VM may help, but something else on
the HM needs to carry the traffic into the world, perhaps setting up the
HM as a router between the single VM network and the real network .
On 12/20/2024 10:46:34, lacsaP Patatetom wrote:
hi,
what network configuration (HM/VM side) would you set up to
capture/follow a virtual machine's network traffic, forcing it to pass
through tools such as tshark/wireshark, dnsmasq or mitmproxy ?
the host machine (HM) is an ArchLinux.
regards.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded