On Fri, Apr 21, 2017 at 12:14:54PM +0300, Anastasiya Ruzhanskaya wrote:
It seems, that I have turned off all encryption for tcp in
libvirt.conf,
but still rpc packets are not showed, only tcp. I suppose, that I don't
need to add additional plugins to wirehark for libvirt and rpc, am I right?
Libvirt provides a wireshark plugin - you need to make sure you've actually
intsalled that bit though, as its a separate rpm.
2017-04-21 11:23 GMT+03:00 Daniel P. Berrange <berrange(a)redhat.com>:
> On Fri, Apr 21, 2017 at 10:16:47AM +0300, Anastasiya Ruzhanskaya wrote:
> > Hello,
> > I have some questions about libvirt remote connection.
> > Am I right that internally libvirt uses only tcp ( ssh and tls are only
> > encryption based on this) + ftp ( when working with image itself)? Also I
> > have found that it uses RPC. However, as I know RPC runs above tcp but I
> > cannot capture these packets with wireshark when I am connecting remotely
> > to the host with vm? Is it somehow possible to find out, what data, what
> > messages, in what format are send from my server to the remote libvirt
> > (daemon I suppose?)?
>
> Libvirt uses a custom RPC protocol running above a number of different
> transports (TCP with SASL, TCP with TLS, SSH tunnel, etc, etc). Libvirt
> ships a wireshark plugin that can be used to analyse the network stream
> but you would have to turn off all authentication and use plain TCP
> to be able to see it otherwise it'll be encrypted and wireshark won;t
> see anything
>
>
> Regards,
> Daniel
> --
> |:
https://berrange.com -o-
https://www.flickr.com/photos/
> dberrange :|
> |:
https://libvirt.org -o-
>
https://fstop138.berrange.com :|
> |:
https://entangle-photo.org -o-
https://www.instagram.com/
> dberrange :|
>
Regards,
Daniel
--
|:
https://berrange.com -o-
https://www.flickr.com/photos/dberrange :|
|:
https://libvirt.org -o-
https://fstop138.berrange.com :|
|:
https://entangle-photo.org -o-
https://www.instagram.com/dberrange :|