Hi guys,
I am trying to analyze libvirt rpc protocol by wireshark. But I found wireshark doesn't dissect libvirt packets. Here are my environments operations:1. Environments:
My system: Debian GNU/Linux buster/sid with kernel-4.15.0-1-amd64
Packages installed: libvirt0-4.1.0-2-amd64 libvirt-wireshark-4.1.0-2-amd64 wireshark-2.4.5-1-amd64
2. Libvirt configurations
/etc/libvirt/libvirtd.conf:
listen_tls = 0
listen_tcp = 1
tcp_port = "16509"
auth_tcp = "none"
/etc/libvirt/libvirtd.conf:
listen_tls = 0
listen_tcp = 1
tcp_port = "16509"
auth_tcp = "none"
Libvirtd started with options --listen
3. Check wireshark libvirt plugin:
Open menu: Help --> About wireshark --> Plugins. Libvirt plugin is found:
libvirt.so 4.1.0 dissector /usr/lib/x86_64-linux-gnu/w…rk/plugins/2.4.5/libvirt.so
libvirt.so 4.1.0 dissector /usr/lib/x86_64-linux-gnu/w…
4. Set wireshark listening on lo interface and filter as 'tcp.port==16509'. Execute virsh command via tcp protocol:
$ virsh -c qemu+tcp://localhost/system list
$ virsh -c qemu+tcp://localhost/system list
In wireshark, packets are parsed as TCP protocol. And I cannot find Libvirt protocol in 'Decode as..' protocols list. And libvirt protocol is also not found in Edit --> Preference --> Protocols.
So it seems libvirt packets are not dissected as libvirt protocol in wireshark. How can I use the wireshark libvirt plugin?
--
Best regards,
-----------------------------------
_______________________________________________ libvirt-users mailing list libvirt-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvirt-users
