When starting up the container with
docker run --rm -it --privileged --net=host --name suricata -v $(pwd)/etc/suricata:/etc/suricata -d -e SURICATA_OPTIONS="--af-packet=eno2 -vvv" -e SYNPROXY_PORTS="80,8080,9090" vli39/suricata:6.0.9-amd64
the container silently exits, and only one iptables SYNPROXY rule is configured, for port 80. Note that I added three ports, "80,8080,9090", to SYNPROXY_PORTS. After reviewing docker-entrypoint.sh I found the bug and fixed the problem with the diff below, silly me :).
I wonder, though: how could I get the docker container's error log when it failed in docker-entrypoint.sh, to have a better clue as to what might go wrong?
diff --git a/6.0/docker-entrypoint.sh b/6.0/docker-entrypoint.sh
index 0b3d32d..53e9926 100755
--- a/6.0/docker-entrypoint.sh
+++ b/6.0/docker-entrypoint.sh
@@ -95,7 +95,7 @@ if [ ! -z "$prog_id" ]; then
RULE_COMMENT="-m comment --comment "XDPSYNPROXY""
LINE=1
- for p in $(echo $SYNPROXY_PORTS | sed 's/,/ /')
+ for p in $(echo $SYNPROXY_PORTS | sed 's/,/ /g')
do
iptables -t raw -I PREROUTING $LINE -i $INTERFACE $RULE_COMMENT -p tcp -m tcp --syn --dport $p $CT
iptables -I INPUT $LINE -i $INTERFACE $RULE_COMMENT -p tcp -m tcp --dport $p $SYNPROXY
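Review bot: the one-character fix is correct: without the `g` flag, `sed 's/,/ /'` replaces only the first comma, so "80,8080,9090" becomes "80 8080,9090" and the loop's second pass runs with p="8080,9090", which iptables does not accept as a port; that accounts for only the port-80 rule being installed and, if the entrypoint runs under `set -e`, for the container exiting without a message. Consider a split that has no flag to forget, e.g. `for p in $(echo "$SYNPROXY_PORTS" | tr ',' ' ')`, and validating each token (digits only, 1..65535) before calling iptables so a malformed SYNPROXY_PORTS produces a clear error on stderr instead of a silent exit. Two smaller points on the context lines: the inner quotes in `RULE_COMMENT="-m comment --comment "XDPSYNPROXY""` are consumed by the shell, so the variable holds `-m comment --comment XDPSYNPROXY` and relies on unquoted word splitting when used, which is fine for a one-word comment but would break for a comment with spaces; and `$LINE` is inserted at the same position on every iteration in the visible hunk, which works but reverses the configured port order.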
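The following is an added example written for this issue, not the project's docker-entrypoint.sh. It reproduces the comma-splitting bug in a plain POSIX shell function, shows the fixed splitter beside it, and adds the token validation a hardened entrypoint would do before touching iptables. The function names (split_ports_buggy, split_ports, check_port_tokens, build_synproxy_rules) are assumptions for the example, and the rule builder only echoes the iptables commands it would run, so it is safe to execute anywhere.

```shell
#!/bin/sh
# Added example: splitting SYNPROXY_PORTS safely. Not the project's own code.

# Buggy variant from the issue: without the 'g' flag only the first comma
# is replaced, so "80,8080,9090" becomes "80 8080,9090".
split_ports_buggy() {
    echo "$1" | sed 's/,/ /'
}

# Fixed variant: every comma becomes a space.
split_ports() {
    echo "$1" | sed 's/,/ /g'
}

# Validate whitespace-separated tokens: digits only and within 1..65535.
# Prints the offending token on stderr and returns 1 on the first failure,
# so a bad SYNPROXY_PORTS value is reported instead of reaching iptables.
check_port_tokens() {
    for p in $1; do
        case "$p" in
            ''|*[!0-9]*) echo "bad port token: '$p'" >&2; return 1 ;;
        esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
            echo "port out of range: $p" >&2; return 1
        fi
    done
    return 0
}

# Dry-run rule builder (assumed helper): echoes the two iptables commands
# per port that the entrypoint would run, after validating the list.
build_synproxy_rules() {
    iface=$1
    tokens=$(split_ports "$2")
    check_port_tokens "$tokens" || return 1
    line=1
    for p in $tokens; do
        echo "iptables -t raw -I PREROUTING $line -i $iface -p tcp -m tcp --syn --dport $p -j CT --notrack"
        echo "iptables -I INPUT $line -i $iface -p tcp -m tcp --dport $p -j SYNPROXY"
        line=$((line + 1))
    done
}

# Demo when run directly: the buggy split fails validation, the fixed one passes.
if [ "${0##*/}" = "synproxy_ports.sh" ]; then
    check_port_tokens "$(split_ports_buggy 80,8080,9090)" || echo "buggy split rejected"
    build_synproxy_rules eno2 80,8080,9090
fi
```

Running check_port_tokens over the buggy split output is the cheap regression test for this bug: the token "8080,9090" is rejected with an explicit message, which is exactly the error the silently exiting container never surfaced.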