Features/LibvirtWiresharkDissector

From QEMU
Revision as of 04:52, 24 June 2013 by Kawamuray (talk | contribs) (Created page with '=Notice= This is a GSoC 2013 project accepted by QEMU.org. You can see also my [http://www.google-melange.com/gsoc/proposal/review/google/gsoc2013/kawamuray/1 proposal]. =Summar…')
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Notice

This is a GSoC 2013 project accepted by QEMU.org. You can see also my proposal.

Summary

Provide Wireshark dissector for Libvirt RPC protocol. It will provide Libvirt packet overview/detail analysing in Wireshark. Furthermore, it could be build from RPC protocol definition placed in Libvirt source tree to support latest protocol specification.

Owner

  • Name: Yuto KAWAMURA(kawamuray)
  • Email: kawamuray.dadada { at } gmail.com
  • IRC: #virt,#qemu,#qemu-gsoc@irc.oftc.net

Locations

Feature

Dissect Libvirt RPC packet in Wireshark

Wireshark does not support dissect Libvirt RPC protocol. This feature will provide dissector of Wireshark that let you to see inside of Libvirt RPC packet. Actually, some implementation of dissector already exists here. But It doesn't support dissecting packet payload, and it is outdated.

The aim of this project is, provide Libvirt Wireshark dissector that supports not only dissect packet headers, but also packet payloads.

Automatic generation feature

Another aim of this project is, provide dissector code generator that referes Libvirt RPC protocol definition placed in libvirt distribution. Definition files are having extension '.x' which means SunRPC protocol definition file. Currently, definitions which will support by the dissector are:

  • src/remote/remote_protocol.x
  • src/remote/qemu_protocol.x
  • src/remote/lxc_protocol.x
  • part of src/rpc/virnetprotocol.x

Distribution form

Distribution form of this product is as Wireshark's plugin. Compiling this dissector will provide libvirt.so, which is shared object that can plugged into Wireshark at runtime.

Install

You need to copy libvirt.so to your Wireshark's plugins directory.(i.e, ~/.wireshark/plugins, /usr/lib/wireshark/plugins/<version>)

Development Status

This project is currently in development. There is no producible revision yet.