On Fri, Jan 27, 2012 at 09:28:21AM +0100, Hendrik Schwartke wrote:
Hi,
there is currently no support for sniffing the network traffic of a virtual
nic, from local or remote. In some cases the debugging or monitoring of a guest
is therefore not as easy as it could be.
Although it's easy to start a network sniffer on the physical host, it requires
direct access to a shell and some knowledge of the current configuration of
the virtual networks.
I think it would be a great benefit for libvirt if network sniffing would be
possible out of the box.
Cool idea.
One idea would be to start a local tshark sniffing on the card and
connect this
to a local socket. This could then be forwarded by ssh to a wireshark process
running on a desktop.
I would favor doing the minimum in libvirt side to specify a packet
filter and a start/stop of the packet mirror, and then let the user
consume the resulting packet stream however they want on the client.
Other people may have more concrete suggestions.
I created a feature request for that:
https://bugzilla.redhat.com/show_bug.cgi?id=784893
Any thoughts or hints to implement that?
This seems like a good candidate for using libvirt's support for
streaming data, similar to consoles or screenshots. Take a look
through the code for how those APIs are implemented for a guide.
I'm not sure how familiar you are with the libvirt code, so forgive me
if you already know this: if you start with tools/virsh.c you can see
how the virsh console and virsh screenshot commands call their
respective APIs and then how those APIs use libvirt's streams to
deliver the resulting data.
Dave
Hendrik Schwartke
--
libvir-list mailing list
libvir-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list