Finally wireshark dissector for corosync 1.x srp is merged to the wireshark offcial source tree. From the next version of wireshark without patch can dissect the traffic of lower layer of your cluster! https://code.wireshark.org/review/#/c/725/ https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob;f=epan/dissectors/packet-corosync-totemnet.c https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob;f=epan/dissectors/packet-corosync-totemsrp.c Here is old document for how to let wireshark know the decryption key of corosync: https://github.com/masatake/wireshark-plugin-rhcs https://github.com/masatake/wireshark-plugin-rhcs/blob/master/screenshots/corosync_totemnet__pref.png I'll continue to work on upper layers and corosync 2. It takes more than 7 years for merging. During the period I got a son and he becomes a schoolboy now. Thank you for those who gave me advices about the protocols. Masatake YAMATO _______________________________________________ discuss mailing list discuss@xxxxxxxxxxxx http://lists.corosync.org/mailman/listinfo/discuss
