[libvirt-users] Unable to libvirt wireshark dissector
Han Han
hhan at redhat.com
Tue Mar 27 06:41:25 UTC 2018
Hi guys,
I am trying to analyze libvirt rpc protocol by wireshark. But I found
wireshark doesn't dissect libvirt packets. Here are my environments
operations:
1. Environments:
My system: Debian GNU/Linux buster/sid with *kernel-4.15.0-1-amd64*
Packages installed:
*libvirt0-4.1.0-2-amd64 libvirt-wireshark-4.1.0-2-amd64
wireshark-2.4.5-1-amd64*
2. Libvirt configurations
*/etc/libvirt/libvirtd.conf*:
*listen_tls = 0listen_tcp = 1tcp_port = "16509"auth_tcp = "none"*
Libvirtd started with options
*--listen*
3. Check wireshark libvirt plugin:
Open menu: *Help* --> *About* *wireshark* --> *Plugins*. Libvirt plugin is
found:
*libvirt.so 4.1.0 dissector
/usr/lib/x86_64-linux-gnu/w…rk/plugins/2.4.5/libvirt.so*
4. Set wireshark listening on *lo* interface and filter as
'tcp.port==16509'. Execute virsh command via tcp protocol:
$ virsh -c qemu+tcp://localhost/system list
In wireshark, packets are parsed as TCP protocol. And I cannot find Libvirt
protocol in 'Decode as..' protocols list. And libvirt protocol is also not
found in *Edit* --> *Preference* --> *Protocols*.
So it seems libvirt packets are not dissected as libvirt protocol in
wireshark. How can I use the wireshark libvirt plugin?
--
Best regards,
-----------------------------------
Han Han
Quality Engineer
Redhat.
Email: hhan at redhat.com
Phone: +861065339333 <+86%2010%206533%209333>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20180327/fac8f738/attachment.htm>
More information about the libvirt-users
mailing list