#VM INSTALL
Should install and run on most Linux distros as long as Wireshark version 2.0.1 or newer is installed and the following steps (or equivalent) are successful.

```
sudo apt-get install git
git clone https://github.com/NationalSecurityAgency/sharkPy
sudo apt-get install libpcap-dev
sudo apt-get install libglib2.0-dev
sudo apt-get install libpython-dev
sudo apt-get install wireshark-dev #if you didn't build/install wireshark (be sure wireshark libs are in LD_LIBRARY_PATH)
sudo apt-get install wireshark #if you didn't build/install wireshark (be sure wireshark libs are in LD_LIBRARY_PATH)
cd sharkPy
sudo ./setup install
```
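
A pre-install check for the prerequisites listed above, as an added example that is not part of the sharkPy project. The function names are hypothetical, and it assumes a Debian/Ubuntu host with `dpkg` and that the first line of `tshark -v` or `wireshark -v` carries the version number.

```shell
#!/bin/sh
# Added example, not sharkPy code. Package names and the 2.0.1 minimum come
# from the steps above; function names are hypothetical.
MIN_VERSION="2.0.1"

# Print the first dotted version number (e.g. 2.6.10) found on stdin.
extract_version() {
    grep -Eo '[0-9]+\.[0-9]+(\.[0-9]+)?' | head -n 1
}

# version_ge A B: succeed when A >= B, comparing up to three numeric fields.
version_ge() {
    va=$1; vb=$2
    for n in 1 2 3; do
        a=${va%%.*}; b=${vb%%.*}
        if [ "$a" -gt "$b" ]; then return 0; fi
        if [ "$a" -lt "$b" ]; then return 1; fi
        # Drop the field just compared; a missing field counts as 0.
        case $va in *.*) va=${va#*.} ;; *) va=0 ;; esac
        case $vb in *.*) vb=${vb#*.} ;; *) vb=0 ;; esac
    done
    return 0
}

# Report every unmet prerequisite; return non-zero if any is missing.
preflight() {
    rc=0
    command -v git >/dev/null 2>&1 || { echo "missing: git"; rc=1; }
    for pkg in libpcap-dev libglib2.0-dev libpython-dev wireshark-dev; do
        dpkg -s "$pkg" >/dev/null 2>&1 || { echo "missing package: $pkg"; rc=1; }
    done
    ver=""
    for tool in tshark wireshark; do
        if command -v "$tool" >/dev/null 2>&1; then
            # Assumption: the first line of `-v` output carries the version.
            ver=$("$tool" -v 2>/dev/null | head -n 1 | extract_version)
            break
        fi
    done
    if [ -z "$ver" ]; then
        echo "could not determine Wireshark version"; rc=1
    elif ! version_ge "$ver" "$MIN_VERSION"; then
        echo "Wireshark $ver is older than $MIN_VERSION"; rc=1
    fi
    return $rc
}

# Run the checks only when asked, e.g.: sh preflight.sh --check
if [ "${1:-}" = "--check" ]; then preflight; fi
```

The version comparison is numeric per field, so 2.10.0 is correctly treated as newer than 2.9.9.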
#DOCKER
##Set up
First, make a sharkPy directory and place the Dockerfile in it, then cd into this new directory.
##Build sharkPy Docker image

```
docker build -t "ubuntu16_04:sharkPy" .
```

Notes:
- build will take a while and should be completely automated.
- sharkPy dist code will be in /sharkPy
- build creates Ubuntu 16.04 image and installs sharkPy as a Python module
##Run interactively as Docker container.
###Should give you command prompt

```
docker run -it ubuntu16_04:sharkPy /bin/bash
```

###Command prompt and access to host NICs (to allow for network capture)

```
docker run -it --net=host ubuntu16_04:sharkPy /bin/bash
```

###Command prompt and mount directory (to access PCAPs)
TO-DO