[Samba] tcpdump-smb won't work (got it working)

Pablo Graziano pablo at compugenic.com
Sat Dec 24 04:07:51 GMT 2005 

I finally got it working. I downloaded a different file 
(http://us1.samba.org/samba/ftp/tcpdump-smb/tcpdump-3.4a5.tar.gz)
then just did the /configure/make/make install/ trio and now it's working.

thanks

Pablo Graziano wrote:

> I've read everything I've found on tcpdump-smb, and still can't get it 
> to work right.
> I downloaded the binary from samba.org, and executed the command like so:
> (The command belowis directly from the README.smb that comes with 
> tcpdump-3.4a5.tar.gz)
>
> ./tcpdump -i eth0 port 139 host 192.168.0.1
> tcpdump: parse error
>
> How do I use it to get the decoded smb output?
>
>
> BTW: I also downloaded tcpdump-3.4a5.tar.gz and 
> tcpdump-3.4a5-smb.patch from http://us1.samba.org/samba/ftp/tcpdump-smb/
> root at host# Then I did:
> root at host# tar xzf tcpdump-3.4a5.tar.gz
> root at host# cd tcpdump-3.4a5
> root at host# patch -p1 < ../tcpdump-3.4a5-smb.patch
> (and get the output below)
> patching file Makefile.in
> patching file README.smb
> patching file print-llc.c
> patching file print-smb.c
> patching file print-tcp.c
> Hunk #2 succeeded at 351 (offset -18 lines).
> can't find file to patch at input line 1161
> Perhaps you used the wrong -p or --strip option?
> The text leading up to this was:
> --------------------------
> |diff -u --new-file /usr/src/redhat/tcpdump-3.4.orig/print-tcp.c.orig 
> ./print-tcp.c.orig
> |--- /usr/src/redhat/tcpdump-3.4.orig/print-tcp.c.orig  Mon Jun 16 
> 06:20:28 1997
> |+++ ./print-tcp.c.orig Sat Apr 17 11:15:17 1999
> --------------------------
> File to patch:
> Skip this patch? [y]
> Skipping patch.
> 4 out of 4 hunks ignored
> patching file print-udp.c
> patching file smb.h
> patching file smbutil.c
>
> Then I do:
> root at host# ./configure
> root at host# make
> (and get the output below at the end)
> gcc -O2 -DHAVE_FCNTL_H=1 -DHAVE_MALLOC_H=1 -DHAVE_MEMORY_H=1 
> -DTIME_WITH_SYS_TIME=1 -DHAVE_NET_SLIP_H=1 -DHAVE_VFPRINTF=1 
> -DHAVE_STRCASECMP=1 -DHAVE_ETHER_NTOA=1 -DHAVE_SETLINEBUF=1 
> -DRETSIGTYPE=void -DRETSIGVAL= -DHAVE_SIGSET=1  -DHAVE_FDDI -I.  
> -Ilinux-include -c ./smbutil.c
> smbutil.c: In function `make_unix_date':
> smbutil.c:44: error: storage size of `t' isn't known
> smbutil.c: In function `fdata1':
> smbutil.c:471: warning: pointer/integer type mismatch in conditional 
> expression
> make: *** [smbutil.o] Error 1
>
> So I can't configure/compile/install, and I think this is caused by 
> the failed patch job.
>
> Since I downloaded the binary itself, I shouldn't have to compile it 
> to get tcpdump-smb to work , right?
>
> If I'm just typing in the command wrong, please let me know.
>
> Thanks
>
>
>

More information about the samba mailing list