tcpdump mailing list archives

Previous By Date Next
Previous By Thread Next

[RFC 0/1] Add printing support for vsockmon devices.

From: ggarcia () deic uab cat
Date: Mon, 20 Jun 2016 17:14:22 +0200
From: Gerard Garcia <ggarcia () deic uab cat>

Virtual sockets AF_VSOCK are used for guest<->hypervisor communication. Right now the mainline linux kernel has support 
for AF_VSOCK sockets that make use of the vmware VMCI transport and there is an ongoing effort to include support for 
the VIRTIO transport which is used by the QEMU virtualizer.

Simultaneously, we are implementig a virtual network device called vsockmon that exposes this traffic to user space. 
This patch adds printing support for the vsockmon traffic to tcpdump.

We are still in process of integrating the vsockmon device into the linux kernel 
(http://lists.openwall.net/netdev/2016/05/28/18) so it is still possible that there are some small changes of the 
header, but if meanwhile we can get this code reviewd to ease the development of the final patch that would be great. 

This patch links the identifier DLT_USER0 to vsockmon traffic so it is necessary to link the header type 
ARPHRD_VSOCKMON to this identifier in libpcap: https://github.com/GerardGarcia/libpcap/tree/vsock. I understand that 
once the vosckmon code is merged into the mainline kernel we have to ask for an identifier in the mailing list.

Additionally, to test the code it is necessary to have a kernel patched with virtio-vsock and vsockmon support, and to 
setup a QEMU virtual machine to be able generate traffic. The repository in 
https://github.com/GerardGarcia/linux/tree/vsock-next provides a patched kernel and a go.sh script that facilitates the 
setup, if anyone is interested in testing the code I can provide additional detailed instructions.

To see which is the format of the printed messages I have uploaded a screenshot in http://imgur.com/7YrRHzJ

Any comments will be greatly appreciated, thanks.

Gerard Garcia (1):
  Add printing support for vsockmon devices.

 Makefile.in   |   1 +
 netdissect.h  |   1 +
 print-vsock.c | 211 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 print.c       |   3 +
 4 files changed, 216 insertions(+)
 create mode 100644 print-vsock.c

-- 
2.9.0

_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Previous By Date Next
Previous By Thread Next

Current thread: