suricata in docker have Operation not permitted Error

Question

I built a docker image that has suricata in, but when i'm trying to run suricata, there is an error below:

3/9/2018 -- 02:58:12 - - This is Suricata version 4.0.5 RELEASE 3/9/2018 -- 02:58:12 - - [ERRCODE: SC_ERR_SYSCALL(50)] - Failure when trying to set feature via ioctl for 'ens33': Operation not permitted (1) 3/9/2018 -- 02:58:12 - - [ERRCODE: SC_ERR_SYSCALL(50)] - Failure when trying to set feature via ioctl for 'ens33': Operation not permitted (1) 3/9/2018 -- 02:58:12 - - [ERRCODE: SC_ERR_SYSCALL(50)] - Failure when trying to set feature via ioctl for 'ens33': Operation not permitted (1) 3/9/2018 -- 02:58:12 - - [ERRCODE: SC_ERR_SYSCALL(50)] - Failure when trying to set feature via ioctl for 'ens33': Operation not permitted (1) 3/9/2018 -- 02:58:12 - - all 2 packet processing threads, 4 management threads initialized, engine started.

docker images: ttbuge/suricata:4.5.2 run command: docker run -it --net=host -v $PWD/logs:/var/log/suricata ttbuge/suricata:4.5.2 suricata -i ens33

Any tips? thanks!

score 0 · Answer 1 · edited Apr 16 '20 at 07:33

0

Try to run it with --privileged option.

For example:

docker run --privileged -it --net=host -v $PWD/logs:/var/log/suricata ttbuge/suricata:4.5.2 suricata -i ens33

edited Apr 16 '20 at 07:33

סטנלי גרונן

2,917
23
46
68

answered Apr 16 '20 at 07:03

Manik Mahajan

1

suricata in docker have Operation not permitted Error

1 Answers1