Wireshark mailing list archives

hadoop dissector


From: Dario Lombardo <dario.lombardo.ml () gmail com>
Date: Thu, 2 Jul 2015 18:03:05 +0200

Hi list
I opened a hadoop 2.6 capture file with the current master and I found that
the hadoop dissector fails in opening the file (wrong dissection). This is
probably related to the changes in the wire protocol that have not been
reflected in the current dissector. So I decided to start understanding
how the dissector should be updated... but I got stuck.

I can't find the specifications of the wire protocol. I just found this
https://wiki.apache.org/hadoop/HadoopRpc.

I've found this project https://github.com/liukeyou/hadoop-wireshark that,
from the screenshots, sounds promising, but is for WS 1.10, and is a plugin
for Windows (my dev env is Linux). I succeeded in compiling it as an internal
dissector, but nothing gets dissected. Maybe it looks for something
somewhere that I didn't copy.

I tried to compile hadoop myself, to instrument it in order to have a
better understanding of the flow and of the protocol, but the high level of
abstraction of the hadoop java code left me lost.

These are my attempts so far... not very happy about them.
Did anyone try to do the same or something different? Anyone having
links/resources/ideas to share? Anyone interested in working on it?

Cheers,

Dario