Hi libvirt developers,
I would like to ask you to review the dissector of libvirt RPC
protocol which I've been developing on project of Google Summer of
Code 2013[1][2][3].
It can add support for dissecting libvirt RPC protocol packet which
communicate via TCP socket to Wireshark.
This feature was presented by Michal Privoznik year before last[4].
But it did only support dissecting packet headers.
This time I enhanced that dissector to support dissecting packet
payload. Furthermore, I provide code generator of dissector. So you
can get fresh build of dissector from libvirt RPC specification file
at any version you like.
Now it is available to build and install dissector from repository[3].
Only you need to do is:
git clone
https://github.com/kawamuray/libvirt-wireshark-dissector.git
cd libvirt-wireshark-dissector
autoreconf --install
./configure && make
sudo make install
Above commands only install a single shared object: $(dirname `which
wireshark`)/../lib/wireshark/plugins/<wireshark version>/libvirt.so .
After rebooting wireshark(or tshark), your wireshark have support for
dissecting libvirt RPC packet.
Please make sure your libvirtd is listening on port 16509(default
libvirtd port) and connect to libvirtd using TCP socket(e.g.
qemu+tcp:///system).
You can also try the feature; generate dissector from your libvirt
source tree by adding few options to ./configure.
Please see README and ./configure --help output for more detail.
Please try and review it. Any comments, reviews and patches for
dissector code, generator code and usability are welcome.
Regards.
kawamuray
[1]
http://www.google-melange.com/gsoc/project/google/gsoc2013/kawamuray/7001
[2]
http://wiki.qemu.org/Features/LibvirtWiresharkDissector
[3]
https://github.com/kawamuray/libvirt-wireshark-dissector
[4]
http://www.redhat.com/archives/libvir-list/2011-October/msg00301.html