tcpdump(1) hacked to better understand SMB packets

svn path=/head/; revision=11214
2024-11-29 01:13:08 +00:00 · 1998-06-02 18:30:18 +00:00 · 1998-06-02 18:30:18 +00:00 · 9189e8475c · 2021-03-31 03:12:20 +00:00
commit 9189e8475c
parent 37d7377dec
5 changed files with 73 additions and 0 deletions
--- a/net/smbtcpdump/Makefile
+++ b/net/smbtcpdump/Makefile
@ -0,0 +1,29 @@
+# ex:ts=8
+# New ports collection makefile for:	samba
+# Version required:			1.9.18
+# Date created:				11th Feb 1995
+# Whom:					gpalmer
+#
+# $Id$
+#
+
+DISTNAME=	tcpdump-3.2.1
+PKGNAME=	smbtcpdump-3.2.1
+CATEGORIES=	net security
+MASTER_SITES=	ftp://ftp.ee.lbl.gov/old/
+EXTRACT_SUFX=	.tar.Z
+
+PATCH_SITES=	ftp://samba.anu.edu.au/pub/samba/tcpdump-smb/
+PATCHFILES=	tcpdump-3.2.1-smb-diffs.gz
+
+MAINTAINER=	obrien@FreeBSD.org
+
+GNU_CONFIGURE=	yes
+ALL_TARGET=	depend tcpdump
+MAN1=		smbtcpdump.1
+
+do-install:
+	${INSTALL_PROGRAM} ${WRKSRC}/tcpdump ${PREFIX}/sbin/smbtcpdump
+	${INSTALL_MAN} ${WRKSRC}/tcpdump.1 ${PREFIX}/man/man1/smbtcpdump.1
+
+.include <bsd.port.mk>
--- a/net/smbtcpdump/distinfo
+++ b/net/smbtcpdump/distinfo
@ -0,0 +1,2 @@
+MD5 (tcpdump-3.2.1.tar.Z) = 36522b7210b978bc12184ec5bd12a105
+MD5 (tcpdump-3.2.1-smb-diffs.gz) = c940b4323e5d155dc8f96d124756d199
--- a/net/smbtcpdump/pkg-comment
+++ b/net/smbtcpdump/pkg-comment
@ -0,0 +1 @@
+tcpdump(1) hacked to better understand SMB packets
--- a/net/smbtcpdump/pkg-descr
+++ b/net/smbtcpdump/pkg-descr
@ -0,0 +1,39 @@
+tcpdump(1) hacked to better understand SMB packets. 
+smbtcpdump gives the ability to interpret NBT and SMB packets in a fair bit
+of detail.
+
+To capture all SMB packets going to or from host "fred" try this:
+
+	tcpdump -i eth0 -s 1500 port 139 host fred
+
+If you want name resolution or browse packets then try ports 137 and
+138 respectively.
+
+Example Output:
+
+Here is a sample of a capture of a "SMBsearch" directory search. If
+you don't get output that looks like this then smbtcpdump is not working
+correctly.
+
+NBT Session Packet
+Flags=0x0
+Length=57
+
+SMB PACKET: SMBsearch (REQUEST)
+SMB Command   =  0x81
+Error class   =  0x0
+Error code    =  0
+Flags1        =  0x8
+Flags2        =  0x3
+Tree ID       =  2048
+Proc ID       =  11787
+UID           =  2048
+MID           =  11887
+Word Count    =  2
+smbvwv[]=
+Count=98
+Attrib=HIDDEN SYSTEM DIR 
+smbbuf[]=
+Path=\????????.???
+BlkType=0x5
+BlkLen=0
--- a/net/smbtcpdump/pkg-plist
+++ b/net/smbtcpdump/pkg-plist
@ -0,0 +1,2 @@
+sbin/smbtcpdump
+man/man1/smbtcpdump.1.gz
				`@ -0,0 +1 @@`
				`tcpdump(1) hacked to better understand SMB packets`