Dumped Packets?
Tim Potter
tpot at samba.org
Mon May 13 16:18:02 GMT 2002
On Mon, May 13, 2002 at 03:50:41PM -0500, root wrote:
> I was feeling rather underinformed one day, and got rather bent out of
> shape about it, so I turned my Samba debug level up to 100, because I
> can. I got the info I needed at the time, but today I noticed raw SMB
> packets being dumped into /tmp, each in an individual binary
> file. There are rather a lot of them in there. This could be useful,
> in some testing scenarios, if they could be converted from the binary
> format they are in.
>
> Is there some tool which will dump these packets in human readable
> form? Can I cat them all together in some way and look at them with
> Ethereal?
You might be able to import them into a capture file somehow. Ethereal has
a library for reading and writing capture files of various formats which
you could use for this.
I had a better idea the other day. There should be enough information in
a level 10 debug log tyo completely reconstruct a capture file. So you
should be able to dummy up ethernet/ip/tcp headers and insert this into
a capture file and you have an instant ethereal trace!
Tim.
More information about the samba-technical
mailing list