[Samba] Reliability issues when using Windows 7

[morgan at tuxedo.darktech.org]

> Apparently Windows is unhappy with one of our network packets. We
> need to see the packet which Windows 7 does not like, and the
> natural source for that information is a packet trace.  Are you
> aware that tshark is able to split packet traces in chunks while
> taking them? So you could run it arbitrarily long without filling
> your disk if you delete old ones?

As a long-time Wireshark, née Ethereal, fan, that is exactly what I was going
to suggest. :) and tshark makes going through huge packet traces very, very 
easy. For someone who knows what they're looking at and knows how to effectively
use tshark's filters, the bad packet can be spotted in minutes even for 
very, very large traces.

Also, you can filter your packet capture so you're just getting CIFS packets 
and not everything else.



Message sent via Atmail Open - http://atmail.org/