Q: Packet Dumping?
Luke Kenneth Casson Leighton
lkcl at switchboard.net
Thu Oct 30 11:58:46 GMT 1997
On Thu, 30 Oct 1997, Alex Satrapa wrote:
> Sorry to bother you all... but I keep seeing references to "packet dumping"
> or "net tracing" when the Samba team (and others) are talking about
> implementing new protocols...
> Now I'm wondering, how do you do this? Can I just tell my Linux 2.0.31 box
> to go into promiscuous mode and record all packets carrying NetBIOS data,
> destined for any machine?
tcpdump -n -s 1500 -w dump_file
tcpdump -n -s 1500 -r dump_file > dump_file.txt
tcpdump -n -s 1500 -r dump_file | more
> Or is the packet dumping the Samba team are
> referring to part of the debug function of samba itself?
the log.nmb and log.smb files have limited packet parsing capabilities,
which i am improving and developing specifically on the RPC pipe side,
for later inclusion in tcpdump.
so, yes, we can be referring to the log files; yes, we can be referring
to tcpdump; yes we can also be referring to "netmon.exe" which, for the
current development underway is particularly useful: it's the only
reference we have for the correct parsing of RPC pipe packets
> would I need to buy specialist hardware to do this properly?*
> If this is covered in the docs, please point me to it. I've read through
> most of the docs directory already, but I probably ignored anything about
> packet dumping/sniffing at the time, considering it irrelevant to my needs.
> Thanks for your patience.
> *My favourite experience with protocol analysers was half an hour I got to
> watch a guy track down some faults in a mixed LAN using a Wandel-Goltermann
> WG50 protocol analyser. Very nice stuff... but it looked like "just" a
> Windows 3.11 PC with some fancy software, in a pretty box.
probably was! expensive software, too, probably.
> Windows 95: n. 32 bit extensions and a graphical shell for a 16 bit patch
> to an 8 bit operating system originally coded for a 4 bit microprocessor,
> written by a 2 bit company.
<a href="mailto:lkcl at switchboard.net" > Luke Kenneth Casson Leighton </a>
<a href="http://mailhost.cb1.com/~lkcl"> Lynx2.7-friendly Home Page </a>
<br><b> "Apply the Laws of Nature to your environment because your
environment applies the Laws of Nature to you" </b>
More information about the samba