On Thu, Mar 08, 2012 at 11:00:18AM +0200, Georgios Petasis wrote:
Στις 8/3/2012 08:49, ο/η Alon Levy έγραψε:
>On Thu, Mar 08, 2012 at 08:35:56AM +0200, Alon Levy wrote:
>>On Wed, Mar 07, 2012 at 11:49:53PM +0200, Georgios Petasis wrote:
>>>Στις 7/3/2012 22:13, ο/η Alon Levy έγραψε:
>>>>sudo yum install tcpdump
>>>>sudo tcpdump -i lo -w /tmp/spice.cap
>>>>
>>>>hopefully that file will be small (you only need a few seconds of
>>>>capture for the key presses and virt-manager spice connection, i.e.
>>>>window open). compress it if it's too large.
>>>Dear Alon,
>>>
>>>I have placed the results here:
>>>
>>>http://server.intellitech.gr/spice.cap
>>>
>>>It does look like a binary file. Is it supposed to be this way?
>>Yes. Actually the file ending should have been pcap. It's a standard
>>format for network captures which I can read with wireshark with the
>>spice dissector and look for the key presses, just trying to figure out
>>if it's a problem at the client side or server/qemu side.
>>
>Sorry, wrong conclusion, it's probably spice but you didn't start the
>capture *before* the virt-manager connection.
>
>Perhaps an easier way to achieve that would be:
>
>destroy the vm. (stop it from virt-manager)
>start the capture (tcpdump -i ...)
>start the vm.
>do some key presses where you can see they don't have any affects.
>stop the capture.
>compress it this time - will save on the transport:
> bzip2 spice.cap
>
>Thanks,
>Alon
>
Dear Alon,
The VM runs on a headless pc, that I access through VNC.
I did the following:
a) Installed wireshark, run as root (couldn't manage to run it as a
normal user, even after adding the user to the wireshark group -
perhaps a selinux denial).
Yes, wireshark works just as well. I run it as root too.
b) Started capture on lo. I waited for a while, nothing got captured.
ok, if the VM runs on a separate pc, of course it doesn't work - I
wrongly assumed it was on the same pc as virt-manager. You need to
capture the interface that the spice connection is on - so the network
connection, which would be em1 / eth0. Wireshark has a neat mode where
it shows you the packets per interface before starting a capture on a
specific interface (menu->capture->interfaces, or ctrl-i).
c) I started virt-manager, and then started the VM. Nothing
captured.
d) I displayed the VM in virt-manager viewer, and capture started. I
waited until the capture log stopped having new entries.
e) I verified that each time I move the mouse, packets were captured.
f) I verified that when I press keys, again packets are logged.
I have saved the capture from inside wireshark here:
http://server.intellitech.gr/spice.cap.bz2
Towards the end of the capture, is only key presses, and the mouse
movement outside the VM viewer, to stop capturing.
I haven't managed to find the spice dissector in wireshark (I got
through yum).
It isn't in fedora yet, but it's in upstream.
Regards,
George