From 9189e8475c5548acde9bda1415a080de5d41f58f Mon Sep 17 00:00:00 2001
From: "David E. O'Brien"
Date: Tue, 2 Jun 1998 18:30:18 +0000
Subject: tcpdump(1) hacked to better understand SMB packets
---
net/smbtcpdump/Makefile | 29 +++++++++++++++++++++++++++++
net/smbtcpdump/distinfo | 2 ++
net/smbtcpdump/pkg-comment | 1 +
net/smbtcpdump/pkg-descr | 39 +++++++++++++++++++++++++++++++++++++++
net/smbtcpdump/pkg-plist | 2 ++
5 files changed, 73 insertions(+)
create mode 100644 net/smbtcpdump/Makefile
create mode 100644 net/smbtcpdump/distinfo
create mode 100644 net/smbtcpdump/pkg-comment
create mode 100644 net/smbtcpdump/pkg-descr
create mode 100644 net/smbtcpdump/pkg-plist
(limited to 'net')
diff --git a/net/smbtcpdump/Makefile b/net/smbtcpdump/Makefile
new file mode 100644
index 000000000000..74e3fe4e83bd
--- /dev/null
+++ b/net/smbtcpdump/Makefile
@@ -0,0 +1,29 @@
+# ex:ts=8
+# New ports collection makefile for: samba
+# Version required: 1.9.18
+# Date created: 11th Feb 1995
+# Whom: gpalmer
+#
+# $Id$
+#
+
+DISTNAME= tcpdump-3.2.1
+PKGNAME= smbtcpdump-3.2.1
+CATEGORIES= net security
+MASTER_SITES= ftp://ftp.ee.lbl.gov/old/
+EXTRACT_SUFX= .tar.Z
+
+PATCH_SITES= ftp://samba.anu.edu.au/pub/samba/tcpdump-smb/
+PATCHFILES= tcpdump-3.2.1-smb-diffs.gz
+
+MAINTAINER= obrien@FreeBSD.org
+
+GNU_CONFIGURE= yes
+ALL_TARGET= depend tcpdump
+MAN1= smbtcpdump.1
+
+do-install:
+ ${INSTALL_PROGRAM} ${WRKSRC}/tcpdump ${PREFIX}/sbin/smbtcpdump
+ ${INSTALL_MAN} ${WRKSRC}/tcpdump.1 ${PREFIX}/man/man1/smbtcpdump.1
+
+.include
diff --git a/net/smbtcpdump/distinfo b/net/smbtcpdump/distinfo
new file mode 100644
index 000000000000..03fd4e1f043e
--- /dev/null
+++ b/net/smbtcpdump/distinfo
@@ -0,0 +1,2 @@
+MD5 (tcpdump-3.2.1.tar.Z) = 36522b7210b978bc12184ec5bd12a105
+MD5 (tcpdump-3.2.1-smb-diffs.gz) = c940b4323e5d155dc8f96d124756d199
diff --git a/net/smbtcpdump/pkg-comment b/net/smbtcpdump/pkg-comment
new file mode 100644
index 000000000000..85398c416d42
--- /dev/null
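Review bot: The distfile and the SMB patch are both fetched over plain `ftp://` (`MASTER_SITES`, `PATCH_SITES`), so the only integrity check on what is patched, built and installed as `${PREFIX}/sbin/smbtcpdump` is the pair of MD5 lines in distinfo, and MD5 is no longer collision-resistant. Because `PATCHFILES` applies third-party code to a capture tool that typically needs root to run, distinfo should carry a stronger digest next to each MD5 where the ports framework in use supports one, e.g. `SHA256 (tcpdump-3.2.1-smb-diffs.gz) = <sha256-of-verified-file>`. Separately, the Makefile header comment is left over from the samba port; it should read `# New ports collection makefile for: smbtcpdump`, with this port's own version, creation date and author in the lines below it.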
+++ b/net/smbtcpdump/pkg-comment
@@ -0,0 +1 @@
+tcpdump(1) hacked to better understand SMB packets
diff --git a/net/smbtcpdump/pkg-descr b/net/smbtcpdump/pkg-descr
new file mode 100644
index 000000000000..b860b5b897c2
--- /dev/null
+++ b/net/smbtcpdump/pkg-descr
@@ -0,0 +1,39 @@
+tcpdump(1) hacked to better understand SMB packets.
+smbtcpdump gives the ability to interpret NBT and SMB packets in a fair bit
+of detail.
+
+To capture all SMB packets going to or from host "fred" try this:
+
+ tcpdump -i eth0 -s 1500 port 139 host fred
+
+If you want name resolution or browse packets then try ports 137 and
+138 respectively.
+
+Example Output:
+
+Here is a sample of a capture of a "SMBsearch" directory search. If
+you don't get output that looks like this then smbtcpdump is not working
+correctly.
+
+NBT Session Packet
+Flags=0x0
+Length=57
+
+SMB PACKET: SMBsearch (REQUEST)
+SMB Command = 0x81
+Error class = 0x0
+Error code = 0
+Flags1 = 0x8
+Flags2 = 0x3
+Tree ID = 2048
+Proc ID = 11787
+UID = 2048
+MID = 11887
+Word Count = 2
+smbvwv[]=
+Count=98
+Attrib=HIDDEN SYSTEM DIR
+smbbuf[]=
+Path=\????????.???
+BlkType=0x5
+BlkLen=0
diff --git a/net/smbtcpdump/pkg-plist b/net/smbtcpdump/pkg-plist
new file mode 100644
index 000000000000..f78b1479e994
--- /dev/null
+++ b/net/smbtcpdump/pkg-plist
@@ -0,0 +1,2 @@
+sbin/smbtcpdump
+man/man1/smbtcpdump.1.gz
-- cgit v1.2.3