Re: [libvirt] [PATCH] dissectors: Create dissector for Libvirt RPC

On Mon, Oct 10, 2011 at 11:54:16AM +0200, Michal Privoznik wrote: > This patch creates basic dissector for Libvirt RPC. The protocol > description can be found here: > > http://libvirt.org/internals/rpc.html > > Currently, only packet head dissecting is written. To fully dissect > packet payloads a more effort is needed, as each function has > different arguments (in general). However, this can be good > stepping stone for later expansion. Ideally, a script that > will generate this dissector from libvirt RPC file would be written. > --- > > Okay, this patch obviously belongs to wireshark mailing list, > but before I'll send it there, I guess we should decide if we > want it there. I mean there are 2 modes/ways for wireshark > dissectors: > 1) Place it into wireshark repo as many others. > Advantage: wireshark will be shipped with support for libvirt RPC > Disadvantage: wireshark will be shipped with support for libvirt RPC > > In other words, if you look at wireshark releases, they are not > as often as ours, so in the end, this dissector will be always one > or more step behind current libvirt. But many users will be able > to use it right after box open. > > 2) Dissector as plugin > Advantage: we can update it as often as we want > Disadvantage: users needs to install a plugin > > Personally, I prefer 2) as libvirt RPC is expanded pretty often, > and I expect this dissector to be used by libvirt developer mainly, > for who installing a plugin into wireshark can't be a real problem :) Yeah, option 2) is the one I'd like to see us focus on. As Dave says, if Wireshark want to include the libvirt plugin themselves too, that's great, but we need to make sure we ship one that is guarenteed up2date for it to be most useful to us.