[winswitch] Update for Xpra running Wireshark in Docker container

Antoine Martin antoine at nagafix.co.uk
Sat Oct 12 04:26:26 BST 2019

On 11/10/2019 22:04, Florian Feldhaus via shifter-users wrote:
> A while ago, I created a Docker image to run Wireshark via a Webbrowser. You can find the old mail thread here:
> https://shifter-users.devloop.org.narkive.com/x5ibNYzP/winswitch-xpra-running-wireshark-in-docker-container <https://shifter-users.devloop.org.narkive.com/x5ibNYzP/winswitch-xpra-running-wireshark-in-docker-container>
> I completely forgot about this, but recently discovered that it seems to be really popular (over 200K downloads of the image to date) and I decided to update the image (and will ask people to donate to Wireshark and XPRA if they like the image).
> Mostly it is working fine, but there are a few errors / warnings from XPRA and some quality issues with the HTML5 client on high resolution displays (e.g. retina). Can you please help me understand or resolve these?
> You can find the xpra.conf here:
> https://github.com/ffeldhaus/docker-wireshark/blob/master/xpra.conf
"no-printing" is not a valid option, use "printing=no"
"ssl=www" should not be used since xpra 2.4, the default is better.

> Here’s the output from the XPRA start:
> 2019-10-11 13:54:03,413 Error: cannot enable SSH socket upgrades:
> 2019-10-11 13:54:03,413  No module named 'paramiko'
With paramiko installed, xpra can upgrade TCP sockets to support SSH:
So you can then connect using a regular SSH client as transport (ie: 
plink or openssh), or xpra's built-in SSH client (also using paramiko).

> 2019-10-11 13:54:03,414 created wss socket ''
> 2019-10-11 13:54:03,416 cannot access python uinput module:
> 2019-10-11 13:54:03,416  No module named 'uinput'
This harmless, can be used for simulating touch devices:

> _XSERVTransmkdir: ERROR: euid != 0,directory /tmp/.X11-unix will not be created.
> X.Org X Server 1.20.4
> X Protocol Version 11, Revision 0
> Build Operating System: Linux 4.9.0-8-amd64 x86_64 Debian
> Current Operating System: Linux ad83385fffde 4.9.184-linuxkit #1 SMP Tue Jul 2 22:58:16 UTC 2019 x86_64
> Kernel command line: BOOT_IMAGE=/boot/kernel console=ttyS0 console=ttyS1 page_poison=1 vsyscall=emulate panic=1 root=/dev/sr0 text
> Build Date: 05 March 2019  08:11:12PM
> xorg-server 2:1.20.4-1 (https://www.debian.org/support)
> Current version of pixman: 0.36.0
> 	Before reporting problems, check http://wiki.x.org
> 	to make sure that you have the latest version.
> Markers: (--) probed, (**) from config file, (==) default setting,
> 	(++) from command line, (!!) notice, (II) informational,
> 	(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
> (++) Log file: "/run/user/1000/xpra/Xorg.S1.log", Time: Fri Oct 11 13:54:05 2019
> (++) Using config file: "/etc/xpra/xorg.conf"
> (==) Using system config directory "/usr/share/X11/xorg.conf.d"
> 2019-10-11 13:54:09,129 Error adding xauth entry for :0
> 2019-10-11 13:54:09,129  using command "xauth -f /home/wireshark/.Xauthority add :0 MIT-MAGIC-COOKIE-1 aeb28935775b4c6189a3b88cb67f90d3":
> 2019-10-11 13:54:09,129  [Errno 2] No such file or directory: 'xauth': 'xauth'
Probably not needed in a container, but safer to have it.

> 2019-10-11 13:54:09,252 created unix domain socket '/run/user/1000/xpra/ad83385fffde-0'
> 2019-10-11 13:54:09,316 pointer device emulation using XTest
> 2019-10-11 13:54:09,395 serving html content from '/usr/share/xpra/www'
> 2019-10-11 13:54:10,098 OpenGL is supported on display ':0'
> 2019-10-11 13:54:10,098  using 'llvmpipe (LLVM 8.0, 256 bits)' renderer
> Warning: failed to import GStreamer 1.x:
>   Namespace Gst not available
> 2019-10-11 13:54:10,286 Error: failed to query sound subsystem:
> 2019-10-11 13:54:10,286  query did not return any data
Install the python gstreamer bindings to support audio forwarding.
Or disable audio with "speaker=no" and "microphone=no".

> (Xpra:1): Gtk-CRITICAL **: 13:54:10.287: gtk_widget_realize: assertion 'widget->priv->anchored || GTK_IS_INVISIBLE (widget)' failed
Safe to ignore, we can't silence it. Something in GTK.

> 2019-10-11 13:54:10,301 started command 'wireshark' with pid 45
> 2019-10-11 13:54:10,303 Warning: cannot watch for application menu changes without pyinotify:
> 2019-10-11 13:54:10,303  No module named 'pyinotify'
Not needed unless you want the client to be able to start new commands 
using a menu GUI.
Be aware than since v3, users can start new commands when connected to 
the server. Use "start-new-commands=no" to disable this capability.

> 2019-10-11 13:54:10,307 Warning: cannot use application menu data:
> 2019-10-11 13:54:10,307  no python-xdg module
Same as pyinotify above, the "new commands menu GUI" will not be 
available without this.

> QStandardPaths: XDG_RUNTIME_DIR not set, defaulting to '/tmp/runtime-wireshark'
> nl80211 not found.
This is from wireshark.

> 2019-10-11 13:54:10,497 xpra is ready.
> 2019-10-11 13:54:10,499 xpra GTK3 X11 version 3.0-r24095 64-bit
> 2019-10-11 13:54:10,550 2.0GB of system memory
> 2019-10-11 13:54:11,327  uid=1000 (wireshark), gid=1000 (wireshark)
> 2019-10-11 13:54:11,328  running with pid 1 on Linux Debian testing bullseye
> 2019-10-11 13:54:11,330  connected to X11 display :0 with 24 bit colors
> 2019-10-11 13:54:29,256 Error: wss request failure
> 2019-10-11 13:54:29,256  for client
> 2019-10-11 13:54:29,256  request: 'ü1ÿD5a>Gä•®Ç(’ñÑŠ3èÀ–lݐYCEò Dԩ̸ôþñÿÆŸ˜ó{}÷3Œ'o—
> Åšð"ššÀ+À/À,À0̨̩ÀÀœ/5'
> 2019-10-11 13:54:29,256  [SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:2508)
SSL client misconfiguration?

Summary:> Why is paramiko required?
> Is it necessary or helpful to use uinput with the HTML5 client or can I just ignore the message that uinput is missing?
Safe to ignore.
> Is xauth mandatory? If so, why is it not part of the required dependencies?
Not mandatory.
> Is it possible to disable the sound subsystem or should I just ignore that error?
Disabling it will make the server startup faster.
> What does the Gtk-CRITICAL message mean?
Some internal GTK thing.
> Is pyinotify required or helpful in this scenario? What is it used for?
Not required.
> I guess the SSLV3_ALERT_CERTIFICATE_UNKNOWN error is a result of using a self signed certificate. Is that correct?
No idea how you configured SSL or how you connected to it, so it's 
impossible to say for certain. You can find more information here:

> When I use this on a large display (5K), I often get very blurred output when a lot of Network packages are analyzed. That is probably expected, but the blurry images sometimes stay for several seconds and sometimes are not refreshed at all with a clear picture.
Some applications are known to refresh their windows regularly, even 
when nothing has actually changed on screen, this causes problems with 
xpra's builtin heuristics which then keep the picture quality lower than 
desired to try to keep up with the updates.
Otherwise, the picture is always eventually refreshed with a lossless 
one pretty quickly.

Also, be aware that I don't have a 5K display so this has never been 
tested with windows that big - so some things may need tweaking to 
improve the experience.
For a start, we there is a known issue with the html5 client on macos 
hi-dpi displays:

> I tested this on a local computer with more or less unlimited bandwidth. I tried to modify the encoding settings via xpra.conf, but it seems they had no effect. I checked the information at https://xpra.org/trac/wiki/Encodings/Debugging <https://xpra.org/trac/wiki/Encodings/Debugging> but I wasn’t able to fix this myself. Are there any hints for high quality encoding?
The best way would be to just add a new hint so we map wireshark to a 
"text" mode:

Alternatively, you should be able to get pixel perfect screen updates 
just by increasing the "min-quality" parameter.


> Thank you very much
> Florian

More information about the shifter-users mailing list