On 30.09.2013 14:15, Yuto KAWAMURA(kawamuray) wrote:
From: "Yuto KAWAMURA(kawamuray)"
<kawamuray.dadada(a)gmail.com>
Introduce Wireshark dissector plugin which adds support to Wireshark
for dissecting libvirt RPC protocol.
Added the following files to build the Wireshark dissector from the libvirt
source tree.
* tools/wireshark/*: Source tree of Wireshark dissector plugin.
Added the following to configure.ac or Makefile.am.
configure.ac
* --with-wireshark-dissector: Enable support for building Wireshark
dissector.
* --with-ws-plugindir: Specify the Wireshark plugin directory where the
dissector will be installed.
* Added tools/wireshark/{Makefile,src/Makefile} to AC_CONFIG_FILES.
Makefile.am
* Added tools/wireshark/ to SUBDIR.
---
Makefile.am | 3 +-
cfg.mk | 8 +-
configure.ac | 72 ++-
tools/wireshark/Makefile.am | 29 +
tools/wireshark/README.md | 31 +
tools/wireshark/src/.gitignore | 4 +
tools/wireshark/src/Makefile.am | 42 ++
tools/wireshark/src/packet-libvirt.c | 512 ++++++++++++++++
tools/wireshark/src/packet-libvirt.h | 128 ++++
tools/wireshark/util/genxdrstub.pl | 1009 +++++++++++++++++++++++++++++++
tools/wireshark/util/make-dissector-reg | 198 ++++++
11 files changed, 2030 insertions(+), 6 deletions(-)
create mode 100644 tools/wireshark/Makefile.am
create mode 100644 tools/wireshark/README.md
create mode 100644 tools/wireshark/src/.gitignore
create mode 100644 tools/wireshark/src/Makefile.am
create mode 100644 tools/wireshark/src/packet-libvirt.c
create mode 100644 tools/wireshark/src/packet-libvirt.h
create mode 100755 tools/wireshark/util/genxdrstub.pl
create mode 100755 tools/wireshark/util/make-dissector-reg
I think we want tools/wireshark/src/.gitignore merged to global
$(srcdir)/.gitignore.
Moreover, I've noticed a strange behavior when dissecting some strings.
Try to dissect an opening sequence. The client calls CONNECT_OPEN
function with 2 arguments:
libvirt.remote_connect_open_args.name
libvirt.remote_connect_open_args.flags
While @flags are correctly dissected, the @name isn't. For example,
while executing "virsh -c qemu+tcp:///system list" I got this:
0000 00 00 00 38 20 00 80 86 00 00 00 01 00 00 00 01 ...8 ...........
0010 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00 01 ................
0020 00 00 00 0e 71 65 6d 75 3a 2f 2f 2f 73 79 73 74 ....qemu:///syst
0030 65 6d 00 00 00 00 00 00 em......
where the @name is at 0x1c-0x1f and @flags at 0x20-0x24. However, some
strings are still dissected correctly.
And when running 'virsh domfstrim $dom' I've encountered:
[Dissector bug, protocol libvirt: proto.c:2541: failed assertion
"hfinfo->type == FT_STRING || hfinfo->type == FT_STRINGZ"]
Besides this I like this approach the most and once you solve the string
dissecting bugs I will give you my ACK.
Michal
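
The capture quoted in the message above, decoded by a small bounds-checked reader. This is an added example, not code from the patch or from libvirt; it assumes libvirt's RPC framing (a 4-byte length word followed by six 4-byte header words) and that remote_connect_open_args carries @name as an XDR optional string followed by @flags. The struct, enum and function names are hypothetical.

```c
#include <stdint.h>
#include <string.h>

/* Constructed from the 56-byte hex dump in the message above. */
static const uint8_t capture[] = {
    0x00,0x00,0x00,0x38, 0x20,0x00,0x80,0x86, 0x00,0x00,0x00,0x01, 0x00,0x00,0x00,0x01,
    0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x02, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x01,
    0x00,0x00,0x00,0x0e, 'q','e','m','u',':','/','/','/','s','y','s','t',
    'e','m',0x00,0x00, 0x00,0x00,0x00,0x00
};

enum { H_LEN, H_PROG, H_VERS, H_PROC, H_TYPE, H_SERIAL, H_STATUS, H_WORDS };
struct open_call {                  /* hypothetical names, not the patch's */
    uint32_t hdr[H_WORDS];          /* length word + six header words */
    uint32_t name_present, name_len, flags;
    char name[64];
};

/* Read one big-endian XDR word; never read past the n-byte buffer. */
static int rd32(const uint8_t *b, size_t n, size_t *off, uint32_t *out)
{
    if (n - *off < 4) return -1;
    *out = (uint32_t)b[*off] << 24 | (uint32_t)b[*off + 1] << 16 |
           (uint32_t)b[*off + 2] << 8 | b[*off + 3];
    *off += 4;
    return 0;
}

/* Returns 0 on success, -1 on truncated or inconsistent input. */
int parse_connect_open(const uint8_t *b, size_t n, struct open_call *c)
{
    size_t off = 0, padded;
    memset(c, 0, sizeof(*c));
    for (int i = 0; i < H_WORDS; i++)
        if (rd32(b, n, &off, &c->hdr[i])) return -1;
    if (c->hdr[H_LEN] != n) return -1;          /* length word covers the whole message */
    if (rd32(b, n, &off, &c->name_present) || c->name_present > 1) return -1;
    if (c->name_present) {                      /* XDR optional: 1 means a value follows */
        if (rd32(b, n, &off, &c->name_len)) return -1;
        padded = ((size_t)c->name_len + 3) & ~(size_t)3;   /* XDR pads to 4 bytes */
        if (c->name_len >= sizeof(c->name) || padded > n - off) return -1;
        memcpy(c->name, b + off, c->name_len);  /* NUL terminator left by memset */
        off += padded;
    }
    if (rd32(b, n, &off, &c->flags)) return -1;
    return off == n ? 0 : -1;                   /* reject trailing bytes */
}
```

The presence word that precedes the length and bytes of @name is what distinguishes an optional XDR string from a plain one, so a field registered for one encoding cannot be read as the other.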