On Fri, 03/14 04:46, Shiva wrote: > Hello, > I am working on building an Storage Intrusion Detection System(SIDS) App > > inside a VM on KVM hypervisor. > > I wanted I/O's from other vm's to first contact this App VM and > > then finally write to the disk.I went with the network storage as > > an option to achieve this objective. But wanted to know what about > > I/O's that are not a shared on NFS-share for example? How can > > I intercept these I/O/'s ? As the guest VM will be having its own virtual disk > > and can write to its own partitions that are not part of NFS share. > > I know modifying Qemu could be other options here.(Like developing a > > driver or adding redirection of I/O). But I have a time constraint here and > > unlikely to achieve it by this way. > > Looking forward to your help/comments.Thanks > Not sure I understand it correctly, but this sounds doable to backend. If you want to intercept the IO's from other VM, can you move the location of its virtual disk and let them access throught your NFS you App VM can control? If you only want to observe the IO, you can mirror the writes to a target on the NFS. Thanks, Fam -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
