Hi guys, I am trying to analyze libvirt rpc protocol by wireshark. But I found wireshark doesn't dissect libvirt packets. Here are my environments operations:
1. Environments: My system: Debian GNU/Linux buster/sid with *kernel-4.15.0-1-amd64* Packages installed: *libvirt0-4.1.0-2-amd64 libvirt-wireshark-4.1.0-2-amd64 wireshark-2.4.5-1-amd64* 2. Libvirt configurations */etc/libvirt/libvirtd.conf*: *listen_tls = 0listen_tcp = 1tcp_port = "16509"auth_tcp = "none"* Libvirtd started with options *--listen* 3. Check wireshark libvirt plugin: Open menu: *Help* --> *About* *wireshark* --> *Plugins*. Libvirt plugin is found: *libvirt.so 4.1.0 dissector /usr/lib/x86_64-linux-gnu/w…rk/plugins/2.4.5/libvirt.so* 4. Set wireshark listening on *lo* interface and filter as 'tcp.port==16509'. Execute virsh command via tcp protocol: $ virsh -c qemu+tcp://localhost/system list In wireshark, packets are parsed as TCP protocol. And I cannot find Libvirt protocol in 'Decode as..' protocols list. And libvirt protocol is also not found in *Edit* --> *Preference* --> *Protocols*. So it seems libvirt packets are not dissected as libvirt protocol in wireshark. How can I use the wireshark libvirt plugin? -- Best regards, ----------------------------------- Han Han Quality Engineer Redhat. Email: h...@redhat.com Phone: +861065339333 <+86%2010%206533%209333>
_______________________________________________ libvirt-users mailing list libvirt-users@redhat.com https://www.redhat.com/mailman/listinfo/libvirt-users
