Adding @timestamp to Wireshark's INFO column for creates with TWrp ECP

[Richard Sharpe]

Hi folks,

I have recently been doing a lot of work with Windows Previous
Versions and I was finding it hard to quickly find those create
requests that referred to previous versions (ie, had a TWrp ECP).

So, I submitted a change to Wireshark master branch that has now been
merged. It will likely turn up in 3.1.0.

The change was only for SMB2, but SMB1 already indicates in the path
name the timestamp and is going away anyway.

The attached is what it looks like. If you have suggestions about
changes let me know.

It simply adds @timestamp to the end of the info string. If the
pathname is long it still might take work to see them.

-- 
Regards,
Richard Sharpe
(何以解憂？唯有杜康。--曹操)(传说杜康是酒的发明者)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: TWrp-indic-1.PNG
Type: image/png
Size: 59715 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20191112/8330e1f8/TWrp-indic-1.png>