cisagov / Malcolm

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
https://cisagov.github.io/Malcolm/

support HTTP proxy for geoip database, rule updates, etc. #482

Open mmguero opened 2 weeks ago

mmguero commented 2 weeks ago

@mmguero cloned issue idaholab/Malcolm#86 on 2022-03-28:

Moved from cisagov/Malcolm#203 by @RafnexJr

While installing Malcolm in an environment running behind a proxy, problems with the Arkime container occurred. The script initarkime.sh tries to download/update the geo data but fails behind a proxy, even when the proxy is configured as an environment variable in the docker-compose file. There's no error message; the script just won't return anything after line 11.

To reproduce

Steps to reproduce the behavior:

  • Install according to documentation

  • Set proxy environment variables HTTP_PROXY and HTTPS_PROXY on the file-monitor and arkime container

  • Start Malcolm with the script

Expected behavior

I would expect that the container would use the proxy specified in the HTTP(S)_PROXY env variable to get the geo data and report an error if something went wrong.
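The behavior requested above can be sketched as a shell helper. This is an added example, not code from the issue or from Malcolm's initarkime.sh; it assumes curl is the downloader, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: not Malcolm's initarkime.sh. Function names are hypothetical.

# Print the proxy that applies to a URL, lowercase variable first.
# curl reads http_proxy only in lowercase, so HTTP_PROXY alone is ignored
# for http:// URLs unless it is passed explicitly as done below.
proxy_for_url() {
  case "$1" in
    https://*) printf '%s\n' "${https_proxy:-${HTTPS_PROXY:-}}" ;;
    http://*)  printf '%s\n' "${http_proxy:-${HTTP_PROXY:-}}" ;;
    *)         return 1 ;;
  esac
}

# Hide user:password@ in a proxy URL before it reaches a log line.
redact_proxy() {
  printf '%s\n' "$1" | sed -E 's#^([A-Za-z][A-Za-z0-9+.-]*://)[^/@]*@#\1***@#'
}

# Download url to dest; return non-zero with a message instead of hanging.
fetch_via_proxy() {
  url=$1
  dest=$2
  if ! proxy=$(proxy_for_url "$url"); then
    echo "fetch: unsupported URL scheme: $url" >&2
    return 2
  fi
  # --fail turns HTTP errors into exit codes; the timeouts bound a stalled proxy.
  set -- --fail --silent --show-error --location \
         --connect-timeout 10 --max-time 120 --output "$dest"
  if [ -n "$proxy" ]; then
    set -- "$@" --proxy "$proxy"
  fi
  if ! curl "$@" "$url"; then
    echo "fetch: failed: $url (proxy: $(redact_proxy "${proxy:-none}"))" >&2
    rm -f "$dest"
    return 1
  fi
}
```

The timeout values are illustrative. A caller would invoke `fetch_via_proxy <url> <destination>` and check its exit status before using the downloaded file.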