2013/8/29 Daniel P. Berrange <berrange(a)redhat.com>:
On Thu, Aug 29, 2013 at 01:22:56AM +0900, Yuto KAWAMURA wrote:
> Hi libvirt developers,
>
> I would like to ask you to review the dissector for the libvirt RPC
> protocol which I've been developing as a project of Google Summer of
> Code 2013[1][2][3].
>
> It can add support for dissecting libvirt RPC protocol packets which
> communicate via TCP socket to Wireshark.
>
> This feature was presented by Michal Privoznik the year before last[4].
> But it only supported dissecting packet headers.
> This time I enhanced that dissector to support dissecting the packet
> payload. Furthermore, I provide a code generator for the dissector. So you
> can get a fresh build of the dissector from the libvirt RPC specification
> file at any version you like.
>
> Now the dissector can be built and installed from the repository[3].
> All you need to do is:
>
> git clone https://github.com/kawamuray/libvirt-wireshark-dissector.git
> cd libvirt-wireshark-dissector
> autoreconf --install
> ./configure && make
> sudo make install
>
> The above commands only install a single shared object:
> $(dirname `which wireshark`)/../lib/wireshark/plugins/<wireshark version>/libvirt.so .
>
> After rebooting wireshark (or tshark), your wireshark has support for
> dissecting libvirt RPC packets.
>
> Please make sure your libvirtd is listening on port 16509 (the default
> libvirtd port) and connect to libvirtd using a TCP socket (e.g.
> qemu+tcp:///system).
>
> You can also try the feature; generate the dissector from your libvirt
> source tree by adding a few options to ./configure.
> Please see README and ./configure --help output for more detail.
>
> Please try and review it. Any comments, reviews and patches for
> dissector code, generator code and usability are welcome.
I tested it and managed to get it working in wireshark.

Thanks Daniel.

NB, there's a Fedora 19 wireshark bug preventing it building, but
that's easy to fix
https://bugzilla.redhat.com/show_bug.cgi?id=1002517

I didn't know about this issue. I found another report from last month
( https://bugzilla.redhat.com/show_bug.cgi?id=981366 ).
Should I leave this issue or include ws_symbol_export.h in src/ and
add -Isrc/ to CPPFLAGS? Then people don't need to apply the patch.
Of course it is a temporary aid until the patch is applied to the wireshark rpm.

What is your intention with this work long term? Do you want it to live
in a standalone project? It seems to me that it would be better if we
had this code present in the main libvirt.git repository. Having it
separate means you have a manual task to update the dissector every
time the RPC protocol changes.

I have motivation to keep improving and maintaining this project.
But I think merging the dissector source tree into libvirt.git is the best
option for me and libvirt developers. Then the dissector can get
contributions from libvirt developers.
Michal and I had already discussed this and I decided to send
patches which create a new directory
"devtools/wireshark-dissector/" in libvirt.git.

If we have it in main libvirt.git we can
make it automatically generate the dissector from our XDR files during
libvirt build.

Well, this can already be done easily with util/genxdrdef.pl in the
dissector repository, but yes, keeping the dissector inside libvirt.git
makes it easier and quicker.

kawamuray