[libvirt] Feature Request: sniff a virtual interface of a guest
Dave Allan
dallan at redhat.com
Fri Jan 27 14:39:01 UTC 2012
On Fri, Jan 27, 2012 at 09:28:21AM +0100, Hendrik Schwartke wrote:
> Hi,
>
> there is currently no support for sniffing the network traffic of a virtual
> nic, from local or remote. In some cases the debugging or monitoring of a guest
> is therefore not as easy as it could be.
>
> Although it's easy to start a network sniffer on the physical host, it requires
> direct access to a shell and some knowledge of the current configuration of
> the virtual networks.
>
> I think it would be a great benefit for libvirt if network sniffing would be
> possible out of the box.
Cool idea.
> One idea would be to start a local tshark sniffing on the card and connect this
> to a local socket. This could then be forwarded by ssh to a wireshark process
> running on a desktop.
I would favor doing the minimum in libvirt side to specify a packet
filter and a start/stop of the packet mirror, and then let the user
consume the resulting packet stream however they want on the client.
Other people may have more concrete suggestions.
> I created a feature request for that: https://bugzilla.redhat.com/show_bug.cgi?id=784893
>
> Any thoughts or hints to implement that?
This seems like a good candidate for using libvirt's support for
streaming data, similar to consoles or screenshots. Take a look
through the code for how those APIs are implemented for a guide.
I'm not sure how familiar you are with the libvirt code, so forgive me
if you already know this: if you start with tools/virsh.c you can see
how the virsh console and virsh screenshot commands call their
respective APIs and then how those APIs use libvirt's streams to
deliver the resulting data.
Dave
> Hendrik Schwartke
>
> --
> libvir-list mailing list
> libvir-list at redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list
More information about the libvir-list
mailing list