GeoIP

Packet Viewer can use MaxMind GeoIP2 databases to translate IP addresses into geographic information including City, Country, and Autonomous System Number (ASN).

MaxMind GeoIP2 Databases

The MaxMind GeoIP2 databases are not included in the Packet Viewer Docker container. They can be licensed directly from MaxMind by integrators that want to include them in their products.

For more information, see MaxMind GeoIP2.

Installation

GeoIP2 database files (.mmdb format) must be installed in the following location within the Docker container:

/usr/share/GeoIP/

Deployment

GeoIP databases can be added to the container either by building a custom image or by mounting a local directory as a volume at runtime.

Custom Image

Create a custom Dockerfile that adds your GeoIP databases:

FROM packet-viewer:[version]

# Copy GeoIP databases
COPY *.mmdb /usr/share/GeoIP/

# Set the entrypoint to packet-viewer
ENTRYPOINT ["/pv-service", "--sharkd", "/usr/cloudshark/bin/sharkd", \
            "--config-dir", "/config", \
            "--captures-dir", "/data/captures", \
            "--profiles-dir", "/data/profiles"]

Volume Mount

Alternatively, mount your GeoIP directory when running the container:

docker run --rm -p 443:443 \
  -v /path/to/GeoIP:/usr/share/GeoIP \
  packet-viewer:[version]

This approach allows you to update GeoIP databases without rebuilding the container.

Product

Search Results