[CIFS question]help me please
yang mikey
mikeyredmoon at gmail.com
Tue Jun 5 03:40:51 GMT 2007
Hi, everybody
I want to do a tool to monitor the windows share folder via parsing CIFS/SMB
packet,
then I read some documents, but I still have many questions.
1. When my program is started after the user logined to server, I can only
get the UID and TID,
How to get real user name and folder name via these infomation? well,
many guys tell me
It's impossible...
2. How to get client operation type by parsing the packet, the commandcode
in document, such as
SMB_COM_COPY, SMB_COM_DELETE, these messages were never appeared, Why?
3. I found that many operation can be judged by the commandcode
SMB_COM_CREATE_ANDX
then I found there has Access Mask in it, can I judge the operation type
by the AccessMask?
please help me! thanks a lot.
Mikey
More information about the samba-technical
mailing list