I've written wireshark packet dissectors for totemnet and totemsrp of corosync. See the attached png file. I have already submitted the patch to wireshark developers. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3232 Currently you have to get the patch from the bugziila and apply it to the original source code by yourself. I hope the patch is merged in soon. The greatest point is this patch supports decryption: you don't have to turn off "secauth" before capturing. However, "key" is needed to decrypt the packet. If you don't specified explicitly in cluster.conf, the name of cluster is the key. See the bugziila entry how to give the key to wireshark. I'm working on upper layer protocols like totempg, cman, "a", clvmd, and so on. Enjoy! Masatake YAMATO
-- Linux-cluster mailing list Linux-cluster@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/linux-cluster
