[libvirt] [PATCH 2/3] Introduce Libvirt Wireshark dissector

Michal Privoznik mprivozn at redhat.com
Wed Sep 18 09:01:38 UTC 2013


On 18.09.2013 06:18, Yuto KAWAMURA(kawamuray) wrote:
> From: "Yuto KAWAMURA(kawamuray)" <kawamuray.dadada at gmail.com>
> 
> Introduce Wireshark dissector plugin which adds support to Wireshark
> for dissecting libvirt RPC protocol.
> Added the following files to build Wireshark dissector from libvirt source
> tree.
> * devtools/: New directory in which tools for libvirt developers should be placed.
> * devtools/wireshark-dissector/*: Source tree of Wireshark dissector plugin.
> 
> Added the following to configure.ac or Makefile.am.
> configure.ac
>  * --with-wireshark-dissector: Enable support for building Wireshark dissector.
>  * --with-ws-plugindir: Specify the wireshark plugin directory where the dissector will be installed.
>  * Added devtools/wireshark-dissector/{Makefile,src/Makefile} to AC_CONFIG_FILES.
> Makefile.am
>  * Added devtools/wireshark-dissector/ to SUBDIR.
> ---
>  Makefile.am                                       |    3 +-
>  cfg.mk                                            |    8 +-
>  configure.ac                                      |   69 +-
>  devtools/wireshark-dissector/Makefile.am          |   28 +
>  devtools/wireshark-dissector/README.md            |   25 +
>  devtools/wireshark-dissector/src/.gitignore       |    2 +
>  devtools/wireshark-dissector/src/Makefile.am      |   31 +
>  devtools/wireshark-dissector/src/moduleinfo.h     |   36 +
>  devtools/wireshark-dissector/src/packet-libvirt.c |  512 +++++++++++
>  devtools/wireshark-dissector/src/packet-libvirt.h |  127 +++
>  devtools/wireshark-dissector/src/plugin.c         |   27 +
>  devtools/wireshark-dissector/util/genxdrstub.pl   | 1009 +++++++++++++++++++++
>  12 files changed, 1871 insertions(+), 6 deletions(-)
>  create mode 100644 devtools/wireshark-dissector/Makefile.am
>  create mode 100644 devtools/wireshark-dissector/README.md
>  create mode 100644 devtools/wireshark-dissector/src/.gitignore
>  create mode 100644 devtools/wireshark-dissector/src/Makefile.am
>  create mode 100644 devtools/wireshark-dissector/src/moduleinfo.h
>  create mode 100644 devtools/wireshark-dissector/src/packet-libvirt.c
>  create mode 100644 devtools/wireshark-dissector/src/packet-libvirt.h
>  create mode 100644 devtools/wireshark-dissector/src/plugin.c
>  create mode 100755 devtools/wireshark-dissector/util/genxdrstub.pl
> 
> diff --git a/Makefile.am b/Makefile.am
> index 4e24ecf..2385b0c 100644
> --- a/Makefile.am
> +++ b/Makefile.am
> @@ -22,7 +22,8 @@ GENHTML = genhtml
>  SUBDIRS = gnulib/lib include src daemon tools docs gnulib/tests \
>    python tests po examples/domain-events/events-c examples/hellolibvirt \
>    examples/dominfo examples/domsuspend examples/python examples/apparmor \
> -  examples/xml/nwfilter examples/openauth examples/systemtap
> +  examples/xml/nwfilter examples/openauth examples/systemtap \
> +  devtools/wireshark-dissector
>  
>  ACLOCAL_AMFLAGS = -I m4 -I gnulib/m4
>  
> diff --git a/cfg.mk b/cfg.mk
> index 3a31815..d169c51 100644
> --- a/cfg.mk
> +++ b/cfg.mk
> @@ -90,7 +90,7 @@ endif
>  
>  # Files that should never cause syntax check failures.
>  VC_LIST_ALWAYS_EXCLUDE_REGEX = \
> -  (^(HACKING|docs/(news\.html\.in|.*\.patch))|\.po)$$
> +  (^(HACKING|docs/(news\.html\.in|.*\.patch))|\.po|devtools/wireshark-dissector/src/plugin.c)$$
>  
>  # Functions like free() that are no-ops on NULL arguments.
>  useless_free_options =				\
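
Review bot: adding devtools/wireshark-dissector/src/plugin.c to VC_LIST_ALWAYS_EXCLUDE_REGEX exempts the file from every syntax check, and nothing in the patch says why it needs that. genxdrstub.pl gets per-check exclusions further down (sc_prohibit_nonreentrant, sc_prohibit_sprintf), so either do the same for plugin.c or add a comment explaining the blanket exemption. The dot in `plugin.c` should also be escaped as `plugin\.c`, matching `\.po` in the same expression.
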
> @@ -969,7 +969,7 @@ exclude_file_name_regexp--sc_prohibit_newline_at_end_of_diagnostic = \
>    ^src/rpc/gendispatch\.pl$$
>  
>  exclude_file_name_regexp--sc_prohibit_nonreentrant = \
> -  ^((po|tests)/|docs/.*(py|html\.in)|run.in$$)
> +  ^((po|tests)/|docs/.*(py|html\.in)|run.in$$|devtools/wireshark-dissector/util/genxdrstub\.pl$$)
>  
>  exclude_file_name_regexp--sc_prohibit_raw_allocation = \
>    ^(docs/hacking\.html\.in)|(src/util/viralloc\.[ch]|examples/.*|tests/securityselinuxhelper\.c|tests/vircgroupmock\.c)$$
> @@ -980,7 +980,7 @@ exclude_file_name_regexp--sc_prohibit_readlink = \
>  exclude_file_name_regexp--sc_prohibit_setuid = ^src/util/virutil\.c$$
>  
>  exclude_file_name_regexp--sc_prohibit_sprintf = \
> -  ^(docs/hacking\.html\.in)|(examples/systemtap/.*stp)|(src/dtrace2systemtap\.pl)|(src/rpc/gensystemtap\.pl)$$
> +  ^(docs/hacking\.html\.in)|(examples/systemtap/.*stp)|(src/dtrace2systemtap\.pl)|(src/rpc/gensystemtap\.pl)|(devtools/wireshark-dissector/util/genxdrstub\.pl)$$
>  
>  exclude_file_name_regexp--sc_prohibit_strncpy = ^src/util/virstring\.c$$
>  
> @@ -1013,7 +1013,7 @@ exclude_file_name_regexp--sc_correct_id_types = \
>  exclude_file_name_regexp--sc_m4_quote_check = m4/virt-lib.m4
>  
>  exclude_file_name_regexp--sc_prohibit_include_public_headers_quote = \
> -  ^src/internal\.h$$
> +  ^(src/internal\.h$$|devtools/wireshark-dissector/src/packet-libvirt.h$$)
>  
>  exclude_file_name_regexp--sc_prohibit_include_public_headers_brackets = \
>    ^(python/|tools/|examples/|include/libvirt/(virterror|libvirt-(qemu|lxc))\.h$$)
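
Review bot: in the sc_prohibit_include_public_headers_quote exclusion the dot in `packet-libvirt.h$$` is unescaped, so it matches any character; write `packet-libvirt\.h$$` the way the `src/internal\.h$$` alternative beside it does. A short comment on why this header has to include public headers with quotes would help whoever maintains this list later.
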
> diff --git a/configure.ac b/configure.ac
> index 69a01ae..83c7de4 100644
> --- a/configure.ac
> +++ b/configure.ac
> @@ -2561,6 +2561,67 @@ AM_CONDITIONAL([HAVE_LIBNL], [test "$have_libnl" = "yes"])
>  AC_SUBST([LIBNL_CFLAGS])
>  AC_SUBST([LIBNL_LIBS])
>  
> +dnl wireshark dissector
> +
> +AC_ARG_WITH([wireshark-dissector], [
> +  AS_HELP_STRING([--with-wireshark-dissector], [
> +    enable wireshark dissector plugin support @<:@default=no@:>@
> +  ])],
> +  [ with_wireshark_dissector=$withval ],
> +  [ with_wireshark_dissector=no ])

I think we want with_wireshark_dissector=check here, so the dissector is
enabled if a devel has wireshark and disabled if he hasn't. This however
requires the following to be rewritten slightly.

> +
> +if test "$with_wireshark_dissector" != "no"; then
> +    dnl Check for XDR headers existence
> +    AC_CHECK_HEADERS([rpc/types.h])
> +
> +    dnl Check for glib-2.0 existence
> +    PKG_CHECK_MODULES([GLIB], [glib-2.0])
> +    WS_DISSECTOR_CPPFLAGS="$WS_DISSECTOR_CPPFLAGS `$PKG_CONFIG --cflags glib-2.0`"
> +
> +    dnl Search for wireshark(or tshark) command
> +    AC_PATH_PROG([WIRESHARK], [wireshark])
> +    AC_PATH_PROG([WIRESHARK], [tshark])
> +    if test -z "$WIRESHARK"; then
> +        AC_MSG_ERROR([command not found wireshark or tshark])
> +    fi
> +
> +    dnl Check for wireshark headers
> +    save_CPPFLAGS="$CPPFLAGS"
> +    WS_DISSECTOR_CPPFLAGS="$WS_DISSECTOR_CPPFLAGS -I`dirname $WIRESHARK`/../include/wireshark"
> +    CPPFLAGS="$CPPFLAGS $WS_DISSECTOR_CPPFLAGS"
> +    AC_CHECK_HEADERS([wireshark/config.h],, [
> +      AC_MSG_ERROR([wireshark/config.h is required for wireshark-dissector support])
> +    ])
> +    AC_CHECK_HEADERS([wireshark/epan/packet.h wireshark/epan/dissectors/packet-tcp.h],, [
> +      AC_MSG_ERROR([wireshark/epan/{packet,packet-tcp}.h are required for wireshark-dissector support])
> +    ], [
> +      #include <wireshark/config.h>
> +    ])
> +    CPPFLAGS="$save_CPPFLAGS"
> +
> +    WS_DISSECTOR_PROTO_FILES='\
> +      $(top_srcdir)/src/remote/remote_protocol.x \
> +      $(top_srcdir)/src/remote/qemu_protocol.x \
> +      $(top_srcdir)/src/remote/lxc_protocol.x \
> +      $(top_srcdir)/src/rpc/virkeepaliveprotocol.x \
> +      '

This variable can be hardcoded in
devtools/wireshark-dissector/src/Makefile.in.

> +    AC_SUBST([WS_DISSECTOR_PROTO_FILES])
> +    AC_SUBST([WS_DISSECTOR_CPPFLAGS])
> +fi
> +AM_CONDITIONAL([WITH_WIRESHARK_DISSECTOR], [test "$with_wireshark_dissector" = "yes"])
> +
> +AC_ARG_WITH([ws-plugindir], [
> +  AC_HELP_STRING([--with-ws-plugindir], [
> +    wireshark plugins directory that plugin will installed
> +  ])],
> +  [ ws_plugindir=$withval ])
> +
> +if test "$with_wireshark_dissector" != "no" && test -z "$ws_plugindir"; then
> +    ws_version=`$WIRESHARK -v | head -1 | cut -f 2 -d' '`
> +    ws_plugindir=`dirname $WIRESHARK`/../lib/wireshark/plugins/$ws_version
> +fi
> +AC_SUBST([ws_plugindir])
> +
>  # Check for Linux vs. BSD ifreq members
>  AC_CHECK_MEMBERS([struct ifreq.ifr_newname,
>                    struct ifreq.ifr_ifindex,
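
Review bot: the block guard and the automake conditional disagree: the checks run for any value other than "no" (`test "$with_wireshark_dissector" != "no"`), but WITH_WIRESHARK_DISSECTOR is true only for exactly "yes", so any other value runs every header check and then builds nothing. Normalise the variable to yes/no once the checks have run and test that in both places. Further down, the include path and the default ws_plugindir are built from `dirname $WIRESHARK` and from `$WIRESHARK -v | head -1 | cut -f 2 -d' '`, all unquoted; this executes the located binary at configure time and breaks on a path containing spaces or a differently formatted version banner, so quote the expansions and stop with AC_MSG_ERROR when ws_version comes back empty. The second option also uses AC_HELP_STRING where the first uses AS_HELP_STRING.
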
> @@ -2646,7 +2707,9 @@ AC_CONFIG_FILES([\
>          examples/python/Makefile \
>          examples/hellolibvirt/Makefile \
>          examples/systemtap/Makefile \
> -        examples/xml/nwfilter/Makefile])
> +        examples/xml/nwfilter/Makefile \
> +        devtools/wireshark-dissector/Makefile \
> +        devtools/wireshark-dissector/src/Makefile])
>  AC_OUTPUT
>  
>  AC_MSG_NOTICE([])
> @@ -2806,6 +2869,10 @@ AC_MSG_NOTICE([      XML Catalog: $XML_CATALOG_FILE])
>  AC_MSG_NOTICE([      Init script: $with_init_script])
>  AC_MSG_NOTICE([Char device locks: $with_chrdev_lock_files])
>  AC_MSG_NOTICE([])
> +AC_MSG_NOTICE([Developer Tools])
> +AC_MSG_NOTICE([])
> +AC_MSG_NOTICE([Wireshark dissector: $with_wireshark_dissector])
> +AC_MSG_NOTICE([])
>  AC_MSG_NOTICE([Privileges])
>  AC_MSG_NOTICE([])
>  AC_MSG_NOTICE([      QEMU: $QEMU_USER:$QEMU_GROUP])
> diff --git a/devtools/wireshark-dissector/Makefile.am b/devtools/wireshark-dissector/Makefile.am
> new file mode 100644
> index 0000000..6c535b5
> --- /dev/null
> +++ b/devtools/wireshark-dissector/Makefile.am
> @@ -0,0 +1,28 @@
> +## Process this file with automake to produce Makefile.in
> +
> +# Copyright (C) 2013 Yuto KAWAMURA(kawamuray) <kawamuray.dadada at gmail.com>
> +#
> +# This program is free software; you can redistribute it and/or
> +# modify it under the terms of the GNU General Public License
> +# as published by the Free Software Foundation; either version 3
> +# of the License, or (at your option) any later version.
> +#
> +# This program is distributed in the hope that it will be useful,
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> +# GNU General Public License for more details.
> +#
> +# You should have received a copy of the GNU General Public License
> +# along with this program. If not, see <http://www.gnu.org/licenses/>.
> +#
> +# Author: Yuto KAWAMURA(kawamuray)
> +if WITH_WIRESHARK_DISSECTOR
> +SUBDIRS              = src
> +
> +# I think wireshark plugin is special case that doesn't need to install
> +# *.la(libtool archive) files.
> +# Maybe each plugin functionality should correspond to single file in
> +# plugins directory. So this hook keeps plugins directory clean.
> +install-exec-hook:
> +	rm -f $(ws_plugindir)/libvirt.la
> +endif WITH_WIRESHARK_DISSECTOR
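
Review bot: the install-exec-hook removes `$(ws_plugindir)/libvirt.la` without `$(DESTDIR)`, so a staged install (make install DESTDIR=...) leaves the .la file in the staging tree and instead runs rm -f against the live plugin directory on the build host. Use `rm -f $(DESTDIR)$(ws_plugindir)/libvirt.la`.
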
> diff --git a/devtools/wireshark-dissector/README.md b/devtools/wireshark-dissector/README.md
> new file mode 100644
> index 0000000..e0ea522
> --- /dev/null
> +++ b/devtools/wireshark-dissector/README.md
> @@ -0,0 +1,25 @@
> +About
> +=====
> +This is the project of Google Summer of Code 2013 accepted by QEMU.org and libvirt community.
> +The goal of this project is, provide Wireshark dissector for Libvirt RPC protocol. It will provide Libvirt packet overview/detail analysing in Wireshark. Furthermore, it will be able to build(generated) from RPC protocol definition placed in Libvirt source tree to support latest protocol specification.

Very long line; we usually wrap lines at 80 characters.

> +
> +See also:
> +- http://www.google-melange.com/gsoc/project/google/gsoc2013/kawamuray/7001
> +- http://wiki.qemu.org/Features/LibvirtWiresharkDissector
> +
> +Installation
> +=============
> +Run ./configure with --with-wireshark-dissector option enabled.
> +Then dissector will compiled with libvirt itself.
> +
> +Add/Remove protocol from dissector's support
> +--------------------------------------------
> +Modify xdr\_proto\_files in this directory.
> +
> +Changing installation directory
> +-------------------------------
> +You can change installation directory of pluggable shared object(libvirt.so) by specifying --with-ws-plugindir=<path>.
> +
> +You can install libvirt.so into your local wireshark plugin directory:
> +
> +    ./configure --with-wireshark-dissector --with-ws-plugindir=$HOME/.wireshark/plugins
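
Review bot: the "Add/Remove protocol from dissector's support" section tells the reader to modify xdr\_proto\_files in this directory, but this patch creates no file of that name; the list of .x files is WS_DISSECTOR_PROTO_FILES in configure.ac. Point the text at wherever that list ends up living. The underline of the Installation heading is also one character longer than the heading.
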
> diff --git a/devtools/wireshark-dissector/src/.gitignore b/devtools/wireshark-dissector/src/.gitignore
> new file mode 100644
> index 0000000..cc78368
> --- /dev/null
> +++ b/devtools/wireshark-dissector/src/.gitignore
> @@ -0,0 +1,2 @@
> +*.so
> +*.o
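
Review bot: the ignore list covers *.so and *.o but not the headers that src/Makefile.am generates under libvirt/ (libvirt/protocol.h, removed by clean-local as `libvirt/*.h`), so a build in the source tree leaves them showing up as untracked. Add an entry for the generated libvirt/ directory.
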
> diff --git a/devtools/wireshark-dissector/src/Makefile.am b/devtools/wireshark-dissector/src/Makefile.am
> new file mode 100644
> index 0000000..f409b2b
> --- /dev/null
> +++ b/devtools/wireshark-dissector/src/Makefile.am
> @@ -0,0 +1,31 @@
> +## Process this file with automake to produce Makefile.in
> +
> +# Copyright (C) 2013 Yuto KAWAMURA(kawamuray) <kawamuray.dadada at gmail.com>
> +#
> +# This program is free software; you can redistribute it and/or
> +# modify it under the terms of the GNU General Public License
> +# as published by the Free Software Foundation; either version 3
> +# of the License, or (at your option) any later version.
> +#
> +# This program is distributed in the hope that it will be useful,
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> +# GNU General Public License for more details.
> +#
> +# You should have received a copy of the GNU General Public License
> +# along with this program. If not, see <http://www.gnu.org/licenses/>.
> +#
> +# Author: Yuto KAWAMURA(kawamuray)
> +ws_plugin_LTLIBRARIES     = libvirt.la
> +libvirt_la_SOURCES        = packet-libvirt.c plugin.c
> +libvirt_la_CPPFLAGS       = $(WS_DISSECTOR_CPPFLAGS)
> +libvirt_la_LDFLAGS        = -avoid-version
> +
> +packet-libvirt.c: packet-libvirt.h libvirt/protocol.h

I think this is the right place to fill WS_DISSECTOR_PROTO_FILES in.

> +
> +libvirt/protocol.h: $(srcdir)/../util/genxdrstub.pl $(WS_DISSECTOR_PROTO_FILES)
> +	LIBVIRT_VERSION=$(LIBVIRT_VERSION) \
> +          $(PERL) $(srcdir)/../util/genxdrstub.pl $(WS_DISSECTOR_PROTO_FILES)
> +
> +clean-local:
> +	-rm -rf libvirt/*.h
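
Review bot: only libvirt/protocol.h is a make target, yet clean-local removes `libvirt/*.h`, which implies genxdrstub.pl writes several headers in one run; if one of the others is deleted or stale while protocol.h is still newer than its prerequisites, make will not regenerate it. List the generated headers in BUILT_SOURCES (or hang them all off one stamp file), and make sure the recipe creates the libvirt/ output directory, which nothing visible in this rule does. libvirt_la_LDFLAGS would normally also carry `-module` for a library that is only ever loaded as a plugin.
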

Michal



