Wireshark modules for all layers #13

Open
5 tasks
ghost opened this issue Jan 26, 2017 · 5 comments
@ghost

ghost commented Jan 26, 2017

It would be really really useful to be able to run ipfs with --disable-transport-encryption, and then meaningfully dissect the incoming and outgoing packets.

  • multistream-select
  • multistream
  • mplex muxer
  • mounted protocols like bitswap, dht, identify
  • etc.

The same applies to the dev consoles of browsers.

@dignifiedquire
Member

yes please, this could make debugging so much better

@Kubuxu
Member

Kubuxu commented Jan 28, 2017

It is possible (I've looked into it in the past). It should also be quite easy to dump traffic into .pcap format from a running node (just do it after decryption/before encryption), but it would be quite a bit of work to get those stateful/connection-tracking protocols implemented with either the Wireshark Lua or C API.

@ntninja

ntninja commented Feb 17, 2017

Actually it would be even more useful if the IPFS daemon would gain support for SSLKEYLOGFILE (see the documentation at Wireshark and Mozilla), so that one can live monitor real IPFS network sessions in Wireshark. According to the Wireshark documentation this currently works out-of-the-box with Firefox, Chrome & Opera. IMHO this is superior to dumping .pcap files because it requires (I believe) very few modifications to the IPFS daemon source code, keeps the difference between "debugging mode" and "production mode" as small as possible and allows for the best capturing experience in Wireshark of all of the proposed solutions (particularly if the Wireshark dissectors are also implemented).

@Kubuxu
Member

Kubuxu commented Feb 17, 2017

Unfortunately that isn't an option, as we don't use SSL currently. Dumping into a file after the decryption isn't that big of a problem (I had code for it in the past).
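
The approach Kubuxu describes in both comments (write the plaintext to a .pcap after decryption/before encryption), as an added example that is not code from this thread or from the IPFS/libp2p code base. The names `PcapDump`, `dirWriter` and `Tap`, the use of LINKTYPE_USER0, the one-byte direction prefix and the sample multistream message are assumptions of this sketch.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"io"
	"os"
	"sync"
	"time"
)

const linktypeUser0, snapLen, dirIn, dirOut = 147, 262144, 0, 1 // LINKTYPE_USER0 is private-use; dir byte is this example's framing

type PcapDump struct { // one capture, shared by every tapped connection
	mu sync.Mutex
	w  io.Writer
}

func NewPcapDump(w io.Writer) (*PcapDump, error) {
	hdr := []uint32{0xa1b2c3d4, 4<<16 | 2, 0, 0, snapLen, linktypeUser0} // magic, v2.4, zone, sigfigs, snaplen, linktype
	return &PcapDump{w: w}, binary.Write(w, binary.LittleEndian, hdr)
}

type dirWriter struct { // io.Writer that stores each chunk as one pcap record
	d   *PcapDump
	dir byte
}

func (t dirWriter) Write(p []byte) (int, error) {
	t.d.mu.Lock()
	defer t.d.mu.Unlock()
	now, n := time.Now(), len(p)
	if len(p) > snapLen-1 {
		p = p[:snapLen-1] // truncate the capture; orig_len keeps the true size
	}
	rec := []uint32{uint32(now.Unix()), uint32(now.Nanosecond() / 1000), uint32(len(p) + 1), uint32(n + 1)}
	binary.Write(t.d.w, binary.LittleEndian, rec) // record header: ts_sec, ts_usec, incl_len, orig_len
	t.d.w.Write(append([]byte{t.dir}, p...))
	return n, nil // never fail: a broken debug tap must not break the connection
}

func Tap(c io.ReadWriter, d *PcapDump) io.ReadWriter { // c is the plaintext side, above the encryption layer
	return struct{ io.Reader; io.Writer }{io.TeeReader(c, dirWriter{d, dirIn}), io.MultiWriter(c, dirWriter{d, dirOut})}
}

func main() {
	dump, _ := NewPcapDump(os.Stdout) // go run . > plaintext.pcap
	Tap(new(bytes.Buffer), dump).Write([]byte("\x13/multistream/1.0.0\n")) // constructed sample
}
```

In Wireshark, link type 147 can be bound to a payload dissector through the DLT_USER protocol preferences. The resulting file contains unencrypted traffic, so it needs the same handling as any other sensitive capture.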

@mkg20001
Member

mkg20001 commented Mar 12, 2018

I'm writing such a module currently. https://github.com/mkg20001/libp2p-dissector
Help would be greatly appreciated! (Edit: Secio is now added - Decryption is a ToDo)
