[Samba] tcpdump-smb won't work
pablo at compugenic.com
Sat Dec 24 04:01:02 GMT 2005
I've read everything I've found on tcpdump-smb, and still can't get it
to work right.
I downloaded the binary from samba.org, and executed the command like so:
(The command below is directly from the README.smb that comes with
./tcpdump -i eth0 port 139 host 192.168.0.1
tcpdump: parse error
How do I use it to get the decoded smb output?
BTW: I also downloaded tcpdump-3.4a5.tar.gz and tcpdump-3.4a5-smb.patch
Then I did:
root@host# tar xzf tcpdump-3.4a5.tar.gz
root@host# cd tcpdump-3.4a5
root@host# patch -p1 < ../tcpdump-3.4a5-smb.patch
(and get the output below)
patching file Makefile.in
patching file README.smb
patching file print-llc.c
patching file print-smb.c
patching file print-tcp.c
Hunk #2 succeeded at 351 (offset -18 lines).
can't find file to patch at input line 1161
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
|diff -u --new-file /usr/src/redhat/tcpdump-3.4.orig/print-tcp.c.orig
|--- /usr/src/redhat/tcpdump-3.4.orig/print-tcp.c.orig Mon Jun 16
|+++ ./print-tcp.c.orig Sat Apr 17 11:15:17 1999
File to patch:
Skip this patch? [y]
4 out of 4 hunks ignored
patching file print-udp.c
patching file smb.h
patching file smbutil.c
Then I do:
root@host# ./configure
root@host# make
(and get the output below at the end)
gcc -O2 -DHAVE_FCNTL_H=1 -DHAVE_MALLOC_H=1 -DHAVE_MEMORY_H=1
-DTIME_WITH_SYS_TIME=1 -DHAVE_NET_SLIP_H=1 -DHAVE_VFPRINTF=1
-DHAVE_STRCASECMP=1 -DHAVE_ETHER_NTOA=1 -DHAVE_SETLINEBUF=1
-DRETSIGTYPE=void -DRETSIGVAL= -DHAVE_SIGSET=1 -DHAVE_FDDI -I.
-Ilinux-include -c ./smbutil.c
smbutil.c: In function `make_unix_date':
smbutil.c:44: error: storage size of `t' isn't known
smbutil.c: In function `fdata1':
smbutil.c:471: warning: pointer/integer type mismatch in conditional
make: *** [smbutil.o] Error 1
So I can't configure/compile/install, and I think this is caused by the
failed patch job.
Since I downloaded the binary itself, I shouldn't have to compile it to
get tcpdump-smb to work, right?
If I'm just typing in the command wrong, please let me know.