I'm doing some experiments on Snort IDS using Docker container technology.

My objective is to test whether Snort with the default settings can detect DoS and DDoS attacks.

I downloaded the T50 multi-protocol packet injector and executed it in a container named T50_container.

Snort IDS is running in another container named snort_container.

The issue is that when I run T50 with T50 --flood a.a.a.a (a.a.a.a is the IP address of snort_container), I get this error message:

error setting socket priority: Operation not permitted.

Thank you for any help and insights.

Best regards.

user2567806

1 Answer

For security reasons a Docker container runs by default with a reduced set of privileges. This prevents containers from doing things like mounting filesystems and modifying their own network configuration.

You can run a container without these restrictions by specifying the --privileged flag to docker run:

docker run --privileged ...
larsks
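
As an added example (not part of the answer above): a way to check which capabilities a lab container actually holds, so that a narrower grant than --privileged can be considered. It assumes the error comes from the kernel's CAP_NET_ADMIN check on the SO_PRIORITY socket option described in socket(7); the function names and the three sample masks are constructed for illustration.

```shell
#!/bin/sh
# Decode a Linux capability mask (the CapEff field of /proc/<pid>/status)
# and classify it for a network test container.

# Capability bit numbers from <linux/capability.h>.
CAP_NET_ADMIN=12   # needed to set SO_PRIORITY outside the range 0-6
CAP_NET_RAW=13     # needed to open raw sockets; in Docker's default set
CAP_SYS_ADMIN=21   # very broad; present when running with --privileged

# has_cap MASK_HEX BIT: succeeds if capability bit BIT is set in MASK_HEX.
has_cap() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# classify MASK_HEX: prints one verdict for the given effective mask.
classify() {
    if has_cap "$1" "$CAP_SYS_ADMIN"; then
        echo "over-privileged"      # far more than a packet tool needs
    elif ! has_cap "$1" "$CAP_NET_ADMIN"; then
        echo "missing-net-admin"    # setting socket priority will fail
    elif ! has_cap "$1" "$CAP_NET_RAW"; then
        echo "missing-net-raw"
    else
        echo "net-caps-only"        # e.g. docker run --cap-add=NET_ADMIN ...
    fi
}

# current_mask: effective capability mask of the calling process.
current_mask() {
    sed -n 's/^CapEff:[[:space:]]*//p' /proc/self/status
}

# Constructed sample masks (not captured from the poster's containers):
DEFAULT_MASK=00000000a80425fb     # typical default Docker container
NET_ADMIN_MASK=00000000a80435fb   # default set plus CAP_NET_ADMIN
PRIVILEGED_MASK=000001ffffffffff  # all capabilities, as with --privileged

for m in "$DEFAULT_MASK" "$NET_ADMIN_MASK" "$PRIVILEGED_MASK"; do
    printf '%s %s\n' "$m" "$(classify "$m")"
done

# When run inside a container, report on the live process as well.
if [ -r /proc/self/status ]; then
    printf 'this process: %s\n' "$(classify "$(current_mask)")"
fi
```

Running it inside each container shows whether the process already holds CAP_NET_ADMIN or has the full set that --privileged grants.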