Hello, list. There are commits in the git master branch of the tcpdump packet analyzer adding support for the "tcp://" protocol schema of ZeroMQ (ZMTP/1.0 framing inside TCP segments produced by zeromq library version 2.x): https://github.com/mcr/tcpdump
There are also additional commits (not yet merged into master) improving ZeroMQ coverage up to "pgm://" and "epgm://" protocol schemas (ZMTP/1.0 framing inside a ZeroMQ datagram inside [E]PGM packets produced by zeromq library versions 2.x and 3.x): https://github.com/infrastation/tcpdump Guido Goldstein has suggested that I request broader testing of this decoder on the zeromq-dev mailing list. To watch the new decoder in action it is necessary to compile the modified source code as follows: git clone git://github.com/infrastation/tcpdump.git && cd tcpdump ./configure && make Particular set of command-line flags depends on what is being decoded: * "tcp://" ./tcpdump -ni eth0 -T zmtp1 tcp port 5555 (prepend "-v" to hex-dump up to 128 first bytes of each frame, prepend "-v -v" to hex-dump all bytes of each frame) * "pgm://" ./tcpdump -v -ni eth0 -T pgm_zmtp1 ip proto pgm (same as above, except without "-v" the decoder doesn't get past PGM) * "epgm://" ./tcpdump -v -ni eth0 -T pgm_zmtp1 udp port 5555 (same as above) To make this code better, please test it on your live ZeroMQ packets and let me know if it doesn't work for a particular case. Please note that the ZMTP/2.0 framing used by zeromq library version 3.x for "tcp://" schema is not supported by the current version of this decoder. Thank you. -- Denis Ovsienko _______________________________________________ zeromq-dev mailing list [email protected] http://lists.zeromq.org/mailman/listinfo/zeromq-dev
