xref: /freebsd/contrib/tcpdump/print-smb.c (revision 6990ffd8a95caaba6858ad44ff1b3157d1efba8f)
1 /*
2    Copyright (C) Andrew Tridgell 1995-1999
3 
4    This software may be distributed either under the terms of the
5    BSD-style license that accompanies tcpdump or the GNU GPL version 2
6    or later */
7 
8 #ifdef HAVE_CONFIG_H
9 #include "config.h"
10 #endif
11 
12 #ifndef lint
13 static const char rcsid[] =
14      "@(#) $Header: /tcpdump/master/tcpdump/print-smb.c,v 1.7 2000/12/05 06:42:47 guy Exp $";
15 #endif
16 
17 #include <stdio.h>
18 #include <string.h>
19 #include <sys/types.h>
20 
21 #include "interface.h"
22 #include "smb.h"
23 
24 static int request=0;
25 
26 const uchar *startbuf=NULL;
27 
28 struct smbdescript
29 {
30   char *req_f1;
31   char *req_f2;
32   char *rep_f1;
33   char *rep_f2;
34   void (*fn)(); /* sometimes (u_char *, u_char *, u_char *, u_char *)
35 		and sometimes (u_char *, u_char *, int, int) */
36 };
37 
38 struct smbfns
39 {
40   int id;
41   char *name;
42   int flags;
43   struct smbdescript descript;
44 };
45 
46 #define DEFDESCRIPT  {NULL,NULL,NULL,NULL,NULL}
47 
48 #define FLG_CHAIN (1<<0)
49 
50 static struct smbfns *smbfind(int id,struct smbfns *list)
51 {
52   int sindex;
53 
54   for (sindex=0;list[sindex].name;sindex++)
55     if (list[sindex].id == id) return(&list[sindex]);
56 
57   return(&list[0]);
58 }
59 
60 static void trans2_findfirst(uchar *param,uchar *data,int pcnt,int dcnt)
61 {
62   char *fmt;
63 
64   if (request) {
65     fmt = "Attribute=[A]\nSearchCount=[d]\nFlags=[w]\nLevel=[dP5]\nFile=[S]\n";
66   } else {
67     fmt = "Handle=[w]\nCount=[d]\nEOS=[w]\nEoffset=[d]\nLastNameOfs=[w]\n";
68   }
69 
70   fdata(param,fmt,param+pcnt);
71   if (dcnt) {
72     printf("data:\n");
73     print_data(data,dcnt);
74   }
75 }
76 
77 static void trans2_qfsinfo(uchar *param,uchar *data,int pcnt,int dcnt)
78 {
79   static int level=0;
80   char *fmt="";
81 
82   if (request) {
83     level = SVAL(param,0);
84     fmt = "InfoLevel=[d]\n";
85     fdata(param,fmt,param+pcnt);
86   } else {
87     switch (level) {
88     case 1:
89       fmt = "idFileSystem=[W]\nSectorUnit=[D]\nUnit=[D]\nAvail=[D]\nSectorSize=[d]\n";
90       break;
91     case 2:
92       fmt = "CreationTime=[T2]VolNameLength=[B]\nVolumeLabel=[s12]\n";
93       break;
94     case 0x105:
95       fmt = "Capabilities=[W]\nMaxFileLen=[D]\nVolNameLen=[D]\nVolume=[S]\n";
96       break;
97     default:
98       fmt = "UnknownLevel\n";
99     }
100     fdata(data,fmt,data+dcnt);
101   }
102   if (dcnt) {
103     printf("data:\n");
104     print_data(data,dcnt);
105   }
106 }
107 
108 struct smbfns trans2_fns[] = {
109 {0,"TRANSACT2_OPEN",0,
110    {"Flags2=[w]\nMode=[w]\nSearchAttrib=[A]\nAttrib=[A]\nTime=[T2]\nOFun=[w]\nSize=[D]\nRes=([w,w,w,w,w])\nPath=[S]",NULL,
111     "Handle=[d]\nAttrib=[A]\nTime=[T2]\nSize=[D]\nAccess=[w]\nType=[w]\nState=[w]\nAction=[w]\nInode=[W]\nOffErr=[d]\n|EALength=[d]\n",NULL,NULL}},
112 
113 {1,"TRANSACT2_FINDFIRST",0,
114    {NULL,NULL,NULL,NULL,trans2_findfirst}},
115 
116 {2,"TRANSACT2_FINDNEXT",0,DEFDESCRIPT},
117 
118 {3,"TRANSACT2_QFSINFO",0,
119    {NULL,NULL,NULL,NULL,trans2_qfsinfo}},
120 
121 {4,"TRANSACT2_SETFSINFO",0,DEFDESCRIPT},
122 {5,"TRANSACT2_QPATHINFO",0,DEFDESCRIPT},
123 {6,"TRANSACT2_SETPATHINFO",0,DEFDESCRIPT},
124 {7,"TRANSACT2_QFILEINFO",0,DEFDESCRIPT},
125 {8,"TRANSACT2_SETFILEINFO",0,DEFDESCRIPT},
126 {9,"TRANSACT2_FSCTL",0,DEFDESCRIPT},
127 {10,"TRANSACT2_IOCTL",0,DEFDESCRIPT},
128 {11,"TRANSACT2_FINDNOTIFYFIRST",0,DEFDESCRIPT},
129 {12,"TRANSACT2_FINDNOTIFYNEXT",0,DEFDESCRIPT},
130 {13,"TRANSACT2_MKDIR",0,DEFDESCRIPT},
131 {-1,NULL,0,DEFDESCRIPT}};
132 
133 
134 static void print_trans2(uchar *words,uchar *dat,uchar *buf,uchar *maxbuf)
135 {
136   static struct smbfns *fn = &trans2_fns[0];
137   uchar *data,*param;
138   uchar *f1=NULL,*f2=NULL;
139   int pcnt,dcnt;
140 
141   if (request) {
142     fn = smbfind(SVAL(words+1,14*2),trans2_fns);
143     data = buf+SVAL(words+1,12*2);
144     param = buf+SVAL(words+1,10*2);
145     pcnt = SVAL(words+1,9*2);
146     dcnt = SVAL(words+1,11*2);
147   } else {
148     data = buf+SVAL(words+1,7*2);
149     param = buf+SVAL(words+1,4*2);
150     pcnt = SVAL(words+1,3*2);
151     dcnt = SVAL(words+1,6*2);
152   }
153 
154   printf("%s param_length=%d data_length=%d\n",
155 	 fn->name,pcnt,dcnt);
156 
157   if (request) {
158     if (CVAL(words,0) == 8) {
159       fdata(words+1,"Trans2Secondary\nTotParam=[d]\nTotData=[d]\nParamCnt=[d]\nParamOff=[d]\nParamDisp=[d]\nDataCnt=[d]\nDataOff=[d]\nDataDisp=[d]\nHandle=[d]\n",maxbuf);
160       return;
161     } else {
162       fdata(words+1,"TotParam=[d]\nTotData=[d]\nMaxParam=[d]\nMaxData=[d]\nMaxSetup=[d]\nFlags=[w]\nTimeOut=[D]\nRes1=[w]\nParamCnt=[d]\nParamOff=[d]\nDataCnt=[d]\nDataOff=[d]\nSetupCnt=[d]\n",words+1+14*2);
163       fdata(data+1,"TransactionName=[S]\n%",maxbuf);
164     }
165     f1 = fn->descript.req_f1;
166     f2 = fn->descript.req_f2;
167   } else {
168     if (CVAL(words,0) == 0) {
169       printf("Trans2Interim\n");
170       return;
171     } else {
172       fdata(words+1,"TotParam=[d]\nTotData=[d]\nRes1=[w]\nParamCnt=[d]\nParamOff=[d]\nParamDisp[d]\nDataCnt=[d]\nDataOff=[d]\nDataDisp=[d]\nSetupCnt=[d]\n",words+1+10*2);
173     }
174     f1 = fn->descript.rep_f1;
175     f2 = fn->descript.rep_f2;
176   }
177 
178   if (fn->descript.fn) {
179     fn->descript.fn(param,data,pcnt,dcnt);
180   } else {
181     fdata(param,f1?f1:(uchar*)"Paramaters=\n",param+pcnt);
182     fdata(data,f2?f2:(uchar*)"Data=\n",data+dcnt);
183   }
184 }
185 
186 
187 static void print_browse(uchar *param,int paramlen,const uchar *data,int datalen)
188 {
189   const uchar *maxbuf = data + datalen;
190   int command = CVAL(data,0);
191 
192   fdata(param,"BROWSE PACKET\n|Param ",param+paramlen);
193 
194   switch (command) {
195   case 0xF:
196     data = fdata(data,"BROWSE PACKET:\nType=[B] (LocalMasterAnnouncement)\nUpdateCount=[w]\nRes1=[B]\nAnnounceInterval=[d]\nName=[n2]\nMajorVersion=[B]\nMinorVersion=[B]\nServerType=[W]\nElectionVersion=[w]\nBrowserConstant=[w]\n",maxbuf);
197     break;
198 
199   case 0x1:
200     data = fdata(data,"BROWSE PACKET:\nType=[B] (HostAnnouncement)\nUpdateCount=[w]\nRes1=[B]\nAnnounceInterval=[d]\nName=[n2]\nMajorVersion=[B]\nMinorVersion=[B]\nServerType=[W]\nElectionVersion=[w]\nBrowserConstant=[w]\n",maxbuf);
201     break;
202 
203   case 0x2:
204     data = fdata(data,"BROWSE PACKET:\nType=[B] (AnnouncementRequest)\nFlags=[B]\nReplySystemName=[S]\n",maxbuf);
205     break;
206 
207   case 0xc:
208     data = fdata(data,"BROWSE PACKET:\nType=[B] (WorkgroupAnnouncement)\nUpdateCount=[w]\nRes1=[B]\nAnnounceInterval=[d]\nName=[n2]\nMajorVersion=[B]\nMinorVersion=[B]\nServerType=[W]\nCommentPointer=[W]\nServerName=[S]\n",maxbuf);
209     break;
210 
211   case 0x8:
212     data = fdata(data,"BROWSE PACKET:\nType=[B] (ElectionFrame)\nElectionVersion=[B]\nOSSummary=[W]\nUptime=[(W,W)]\nServerName=[S]\n",maxbuf);
213     break;
214 
215   case 0xb:
216     data = fdata(data,"BROWSE PACKET:\nType=[B] (BecomeBackupBrowser)\nName=[S]\n",maxbuf);
217     break;
218 
219   case 0x9:
220     data = fdata(data,"BROWSE PACKET:\nType=[B] (GetBackupList)\nListCount?=[B]\nToken?=[B]\n",maxbuf);
221     break;
222 
223   case 0xa:
224     data = fdata(data,"BROWSE PACKET:\nType=[B] (BackupListResponse)\nServerCount?=[B]\nToken?=[B]*Name=[S]\n",maxbuf);
225     break;
226 
227   case 0xd:
228     data = fdata(data,"BROWSE PACKET:\nType=[B] (MasterAnnouncement)\nMasterName=[S]\n",maxbuf);
229     break;
230 
231   case 0xe:
232     data = fdata(data,"BROWSE PACKET:\nType=[B] (ResetBrowser)\nOptions=[B]\n",maxbuf);
233     break;
234 
235   default:
236     data = fdata(data,"Unknown Browser Frame ",maxbuf);
237     break;
238   }
239 }
240 
241 
242 static void print_ipc(uchar *param,int paramlen,uchar *data,int datalen)
243 {
244   if (paramlen)
245     fdata(param,"Command=[w]\nStr1=[S]\nStr2=[S]\n",param+paramlen);
246   if (datalen)
247     fdata(data,"IPC ",data+datalen);
248 }
249 
250 
251 static void print_trans(uchar *words,uchar *data1,uchar *buf,uchar *maxbuf)
252 {
253   uchar *f1,*f2,*f3,*f4;
254   uchar *data,*param;
255   int datalen,paramlen;
256 
257   if (request) {
258     paramlen = SVAL(words+1,9*2);
259     param = buf + SVAL(words+1,10*2);
260     datalen = SVAL(words+1,11*2);
261     data = buf + SVAL(words+1,12*2);
262     f1 = "TotParamCnt=[d] \nTotDataCnt=[d] \nMaxParmCnt=[d] \nMaxDataCnt=[d]\nMaxSCnt=[d] \nTransFlags=[w] \nRes1=[w] \nRes2=[w] \nRes3=[w]\nParamCnt=[d] \nParamOff=[d] \nDataCnt=[d] \nDataOff=[d] \nSUCnt=[d]\n";
263     f2 = "|Name=[S]\n";
264     f3 = "|Param ";
265     f4 = "|Data ";
266   } else {
267     paramlen = SVAL(words+1,3*2);
268     param = buf + SVAL(words+1,4*2);
269     datalen = SVAL(words+1,6*2);
270     data = buf + SVAL(words+1,7*2);
271     f1 = "TotParamCnt=[d] \nTotDataCnt=[d] \nRes1=[d]\nParamCnt=[d] \nParamOff=[d] \nRes2=[d] \nDataCnt=[d] \nDataOff=[d] \nRes3=[d]\nLsetup=[d]\n";
272     f2 = "|Unknown ";
273     f3 = "|Param ";
274     f4 = "|Data ";
275   }
276 
277   fdata(words+1,f1,MIN(words+1+2*CVAL(words,0),maxbuf));
278   fdata(data1+2,f2,maxbuf - (paramlen + datalen));
279 
280   if (!strcmp(data1+2,"\\MAILSLOT\\BROWSE")) {
281     print_browse(param,paramlen,data,datalen);
282     return;
283   }
284 
285   if (!strcmp(data1+2,"\\PIPE\\LANMAN")) {
286     print_ipc(param,paramlen,data,datalen);
287     return;
288   }
289 
290   if (paramlen) fdata(param,f3,MIN(param+paramlen,maxbuf));
291   if (datalen) fdata(data,f4,MIN(data+datalen,maxbuf));
292 }
293 
294 
295 
296 static void print_negprot(uchar *words,uchar *data,uchar *buf,uchar *maxbuf)
297 {
298   uchar *f1=NULL,*f2=NULL;
299 
300   if (request) {
301     f2 = "*|Dialect=[Z]\n";
302   } else {
303     if (CVAL(words,0) == 1) {
304       f1 = "Core Protocol\nDialectIndex=[d]";
305     } else if (CVAL(words,0) == 17) {
306       f1 = "NT1 Protocol\nDialectIndex=[d]\nSecMode=[B]\nMaxMux=[d]\nNumVcs=[d]\nMaxBuffer=[D]\nRawSize=[D]\nSessionKey=[W]\nCapabilities=[W]\nServerTime=[T3]TimeZone=[d]\nCryptKey=";
307     } else if (CVAL(words,0) == 13) {
308       f1 = "Coreplus/Lanman1/Lanman2 Protocol\nDialectIndex=[d]\nSecMode=[w]\nMaxXMit=[d]\nMaxMux=[d]\nMaxVcs=[d]\nBlkMode=[w]\nSessionKey=[W]\nServerTime=[T1]TimeZone=[d]\nRes=[W]\nCryptKey=";
309     }
310   }
311 
312   if (f1)
313     fdata(words+1,f1,MIN(words + 1 + CVAL(words,0)*2,maxbuf));
314   else
315     print_data(words+1,MIN(CVAL(words,0)*2,PTR_DIFF(maxbuf,words+1)));
316 
317   if (f2)
318     fdata(data+2,f2,MIN(data + 2 + SVAL(data,0),maxbuf));
319   else
320     print_data(data+2,MIN(SVAL(data,0),PTR_DIFF(maxbuf,data+2)));
321 
322 }
323 
324 static void print_sesssetup(uchar *words,uchar *data,uchar *buf,uchar *maxbuf)
325 {
326   int wcnt = CVAL(words,0);
327   uchar *f1=NULL,*f2=NULL;
328 
329   if (request) {
330     if (wcnt==10) {
331       f1 = "Com2=[w]\nOff2=[d]\nBufSize=[d]\nMpxMax=[d]\nVcNum=[d]\nSessionKey=[W]\nPassLen=[d]\nCryptLen=[d]\nCryptOff=[d]\nPass&Name=\n";
332     } else {
333       f1 = "Com2=[B]\nRes1=[B]\nOff2=[d]\nMaxBuffer=[d]\nMaxMpx=[d]\nVcNumber=[d]\nSessionKey=[W]\nCaseInsensitivePasswordLength=[d]\nCaseSensitivePasswordLength=[d]\nRes=[W]\nCapabilities=[W]\nPass1&Pass2&Account&Domain&OS&LanMan=\n";
334     }
335   } else {
336     if (CVAL(words,0) == 3) {
337       f1 = "Com2=[w]\nOff2=[d]\nAction=[w]\n";
338     } else if (CVAL(words,0) == 13) {
339       f1 = "Com2=[B]\nRes=[B]\nOff2=[d]\nAction=[w]\n";
340       f2 = "NativeOS=[S]\nNativeLanMan=[S]\nPrimaryDomain=[S]\n";
341     }
342   }
343 
344   if (f1)
345     fdata(words+1,f1,MIN(words + 1 + CVAL(words,0)*2,maxbuf));
346   else
347     print_data(words+1,MIN(CVAL(words,0)*2,PTR_DIFF(maxbuf,words+1)));
348 
349   if (f2)
350     fdata(data+2,f2,MIN(data + 2 + SVAL(data,0),maxbuf));
351   else
352     print_data(data+2,MIN(SVAL(data,0),PTR_DIFF(maxbuf,data+2)));
353 }
354 
355 
356 static struct smbfns smb_fns[] =
357 {
358 {-1,"SMBunknown",0,DEFDESCRIPT},
359 
360 {SMBtcon,"SMBtcon",0,
361    {NULL,"Path=[Z]\nPassword=[Z]\nDevice=[Z]\n",
362     "MaxXmit=[d]\nTreeId=[d]\n",NULL,
363     NULL}},
364 
365 
366 {SMBtdis,"SMBtdis",0,DEFDESCRIPT},
367 {SMBexit,"SMBexit",0,DEFDESCRIPT},
368 {SMBioctl,"SMBioctl",0,DEFDESCRIPT},
369 
370 {SMBecho,"SMBecho",0,
371    {"ReverbCount=[d]\n",NULL,
372     "SequenceNum=[d]\n",NULL,
373     NULL}},
374 
375 {SMBulogoffX, "SMBulogoffX",FLG_CHAIN,DEFDESCRIPT},
376 
377 {SMBgetatr,"SMBgetatr",0,
378    {NULL,"Path=[Z]\n",
379     "Attribute=[A]\nTime=[T2]Size=[D]\nRes=([w,w,w,w,w])\n",NULL,
380     NULL}},
381 
382 {SMBsetatr,"SMBsetatr",0,
383    {"Attribute=[A]\nTime=[T2]Res=([w,w,w,w,w])\n","Path=[Z]\n",
384     NULL,NULL,NULL}},
385 
386 {SMBchkpth,"SMBchkpth",0,
387    {NULL,"Path=[Z]\n",NULL,NULL,NULL}},
388 
389 {SMBsearch,"SMBsearch",0,
390 {"Count=[d]\nAttrib=[A]\n","Path=[Z]\nBlkType=[B]\nBlkLen=[d]\n|Res1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\nRes2=[W]\n",
391 "Count=[d]\n","BlkType=[B]\nBlkLen=[d]\n*\nRes1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\nRes2=[W]\nAttrib=[a]\nTime=[T1]Size=[D]\nName=[s13]\n",NULL}},
392 
393 
394 {SMBopen,"SMBopen",0,
395    {"Mode=[w]\nAttribute=[A]\n","Path=[Z]\n",
396     "Handle=[d]\nOAttrib=[A]\nTime=[T2]Size=[D]\nAccess=[w]\n",NULL,
397     NULL}},
398 
399 {SMBcreate,"SMBcreate",0,
400    {"Attrib=[A]\nTime=[T2]","Path=[Z]\n",
401     "Handle=[d]\n",NULL,
402     NULL}},
403 
404 {SMBmknew,"SMBmknew",0,
405    {"Attrib=[A]\nTime=[T2]","Path=[Z]\n",
406     "Handle=[d]\n",NULL,
407     NULL}},
408 
409 {SMBunlink,"SMBunlink",0,
410    {"Attrib=[A]\n","Path=[Z]\n",NULL,NULL,NULL}},
411 
412 {SMBread,"SMBread",0,
413    {"Handle=[d]\nByteCount=[d]\nOffset=[D]\nCountLeft=[d]\n",NULL,
414     "Count=[d]\nRes=([w,w,w,w])\n",NULL,NULL}},
415 
416 {SMBwrite,"SMBwrite",0,
417    {"Handle=[d]\nByteCount=[d]\nOffset=[D]\nCountLeft=[d]\n",NULL,
418     "Count=[d]\n",NULL,NULL}},
419 
420 {SMBclose,"SMBclose",0,
421    {"Handle=[d]\nTime=[T2]",NULL,NULL,NULL,NULL}},
422 
423 {SMBmkdir,"SMBmkdir",0,
424    {NULL,"Path=[Z]\n",NULL,NULL,NULL}},
425 
426 {SMBrmdir,"SMBrmdir",0,
427    {NULL,"Path=[Z]\n",NULL,NULL,NULL}},
428 
429 {SMBdskattr,"SMBdskattr",0,
430 {NULL,NULL,
431 "TotalUnits=[d]\nBlocksPerUnit=[d]\nBlockSize=[d]\nFreeUnits=[d]\nMedia=[w]\n",
432 NULL,NULL}},
433 
434 {SMBmv,"SMBmv",0,
435    {"Attrib=[A]\n","OldPath=[Z]\nNewPath=[Z]\n",NULL,NULL,NULL}},
436 
437 /* this is a Pathworks specific call, allowing the
438    changing of the root path */
439 {pSETDIR,"SMBsetdir",0,
440    {NULL,"Path=[Z]\n",NULL,NULL,NULL}},
441 
442 {SMBlseek,"SMBlseek",0,
443    {"Handle=[d]\nMode=[w]\nOffset=[D]\n","Offset=[D]\n",NULL,NULL}},
444 
445 {SMBflush,"SMBflush",0,
446    {"Handle=[d]\n",NULL,NULL,NULL,NULL}},
447 
448 {SMBsplopen,"SMBsplopen",0,
449    {"SetupLen=[d]\nMode=[w]\n","Ident=[Z]\n","Handle=[d]\n",NULL,NULL}},
450 
451 {SMBsplclose,"SMBsplclose",0,
452    {"Handle=[d]\n",NULL,NULL,NULL,NULL}},
453 
454 {SMBsplretq,"SMBsplretq",0,
455    {"MaxCount=[d]\nStartIndex=[d]\n",NULL,
456     "Count=[d]\nIndex=[d]\n",
457     "*Time=[T2]Status=[B]\nJobID=[d]\nSize=[D]\nRes=[B]Name=[s16]\n",
458     NULL}},
459 
460 {SMBsplwr,"SMBsplwr",0,
461    {"Handle=[d]\n",NULL,NULL,NULL,NULL}},
462 
463 {SMBlock,"SMBlock",0,
464    {"Handle=[d]\nCount=[D]\nOffset=[D]\n",NULL,NULL,NULL,NULL}},
465 
466 {SMBunlock,"SMBunlock",0,
467    {"Handle=[d]\nCount=[D]\nOffset=[D]\n",NULL,NULL,NULL,NULL}},
468 
469 /* CORE+ PROTOCOL FOLLOWS */
470 
471 {SMBreadbraw,"SMBreadbraw",0,
472 {"Handle=[d]\nOffset=[D]\nMaxCount=[d]\nMinCount=[d]\nTimeOut=[D]\nRes=[d]\n",
473  NULL,NULL,NULL,NULL}},
474 
475 {SMBwritebraw,"SMBwritebraw",0,
476 {"Handle=[d]\nTotalCount=[d]\nRes=[w]\nOffset=[D]\nTimeOut=[D]\nWMode=[w]\nRes2=[W]\n|DataSize=[d]\nDataOff=[d]\n",
477 NULL,"WriteRawAck",NULL,NULL}},
478 
479 {SMBwritec,"SMBwritec",0,
480    {NULL,NULL,"Count=[d]\n",NULL,NULL}},
481 
482 {SMBwriteclose,"SMBwriteclose",0,
483    {"Handle=[d]\nCount=[d]\nOffset=[D]\nTime=[T2]Res=([w,w,w,w,w,w])",NULL,
484     "Count=[d]\n",NULL,NULL}},
485 
486 {SMBlockread,"SMBlockread",0,
487    {"Handle=[d]\nByteCount=[d]\nOffset=[D]\nCountLeft=[d]\n",NULL,
488     "Count=[d]\nRes=([w,w,w,w])\n",NULL,NULL}},
489 
490 {SMBwriteunlock,"SMBwriteunlock",0,
491    {"Handle=[d]\nByteCount=[d]\nOffset=[D]\nCountLeft=[d]\n",NULL,
492     "Count=[d]\n",NULL,NULL}},
493 
494 {SMBreadBmpx,"SMBreadBmpx",0,
495 {"Handle=[d]\nOffset=[D]\nMaxCount=[d]\nMinCount=[d]\nTimeOut=[D]\nRes=[w]\n",
496 NULL,
497 "Offset=[D]\nTotCount=[d]\nRemaining=[d]\nRes=([w,w])\nDataSize=[d]\nDataOff=[d]\n",
498 NULL,NULL}},
499 
500 {SMBwriteBmpx,"SMBwriteBmpx",0,
501 {"Handle=[d]\nTotCount=[d]\nRes=[w]\nOffset=[D]\nTimeOut=[D]\nWMode=[w]\nRes2=[W]\nDataSize=[d]\nDataOff=[d]\n",NULL,
502 "Remaining=[d]\n",NULL,NULL}},
503 
504 {SMBwriteBs,"SMBwriteBs",0,
505    {"Handle=[d]\nTotCount=[d]\nOffset=[D]\nRes=[W]\nDataSize=[d]\nDataOff=[d]\n",NULL,
506     "Count=[d]\n",NULL,NULL}},
507 
508 {SMBsetattrE,"SMBsetattrE",0,
509    {"Handle=[d]\nCreationTime=[T2]AccessTime=[T2]ModifyTime=[T2]",NULL,
510       NULL,NULL,NULL}},
511 
512 {SMBgetattrE,"SMBgetattrE",0,
513 {"Handle=[d]\n",NULL,
514  "CreationTime=[T2]AccessTime=[T2]ModifyTime=[T2]Size=[D]\nAllocSize=[D]\nAttribute=[A]\n",NULL,NULL}},
515 
516 {SMBtranss,"SMBtranss",0,DEFDESCRIPT},
517 {SMBioctls,"SMBioctls",0,DEFDESCRIPT},
518 
519 {SMBcopy,"SMBcopy",0,
520    {"TreeID2=[d]\nOFun=[w]\nFlags=[w]\n","Path=[S]\nNewPath=[S]\n",
521     "CopyCount=[d]\n","|ErrStr=[S]\n",NULL}},
522 
523 {SMBmove,"SMBmove",0,
524    {"TreeID2=[d]\nOFun=[w]\nFlags=[w]\n","Path=[S]\nNewPath=[S]\n",
525     "MoveCount=[d]\n","|ErrStr=[S]\n",NULL}},
526 
527 {SMBopenX,"SMBopenX",FLG_CHAIN,
528 {"Com2=[w]\nOff2=[d]\nFlags=[w]\nMode=[w]\nSearchAttrib=[A]\nAttrib=[A]\nTime=[T2]OFun=[w]\nSize=[D]\nTimeOut=[D]\nRes=[W]\n","Path=[S]\n",
529 "Com2=[w]\nOff2=[d]\nHandle=[d]\nAttrib=[A]\nTime=[T2]Size=[D]\nAccess=[w]\nType=[w]\nState=[w]\nAction=[w]\nFileID=[W]\nRes=[w]\n",NULL,NULL}},
530 
531 {SMBreadX,"SMBreadX",FLG_CHAIN,
532 {"Com2=[w]\nOff2=[d]\nHandle=[d]\nOffset=[D]\nMaxCount=[d]\nMinCount=[d]\nTimeOut=[D]\nCountLeft=[d]\n",NULL,
533 "Com2=[w]\nOff2=[d]\nRemaining=[d]\nRes=[W]\nDataSize=[d]\nDataOff=[d]\nRes=([w,w,w,w])\n",NULL,NULL}},
534 
535 {SMBwriteX,"SMBwriteX",FLG_CHAIN,
536 {"Com2=[w]\nOff2=[d]\nHandle=[d]\nOffset=[D]\nTimeOut=[D]\nWMode=[w]\nCountLeft=[d]\nRes=[w]\nDataSize=[d]\nDataOff=[d]\n",NULL,
537 "Com2=[w]\nOff2=[d]\nCount=[d]\nRemaining=[d]\nRes=[W]\n",NULL,NULL}},
538 
539 {SMBlockingX,"SMBlockingX",FLG_CHAIN,
540 {"Com2=[w]\nOff2=[d]\nHandle=[d]\nLockType=[w]\nTimeOut=[D]\nUnlockCount=[d]\nLockCount=[d]\n",
541 "*Process=[d]\nOffset=[D]\nLength=[D]\n",
542 "Com2=[w]\nOff2=[d]\n"}},
543 
544 {SMBffirst,"SMBffirst",0,
545 {"Count=[d]\nAttrib=[A]\n","Path=[Z]\nBlkType=[B]\nBlkLen=[d]\n|Res1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\n",
546 "Count=[d]\n","BlkType=[B]\nBlkLen=[d]\n*\nRes1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\nRes2=[W]\nAttrib=[a]\nTime=[T1]Size=[D]\nName=[s13]\n",NULL}},
547 
548 {SMBfunique,"SMBfunique",0,
549 {"Count=[d]\nAttrib=[A]\n","Path=[Z]\nBlkType=[B]\nBlkLen=[d]\n|Res1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\n",
550 "Count=[d]\n","BlkType=[B]\nBlkLen=[d]\n*\nRes1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\nRes2=[W]\nAttrib=[a]\nTime=[T1]Size=[D]\nName=[s13]\n",NULL}},
551 
552 {SMBfclose,"SMBfclose",0,
553 {"Count=[d]\nAttrib=[A]\n","Path=[Z]\nBlkType=[B]\nBlkLen=[d]\n|Res1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\n",
554 "Count=[d]\n","BlkType=[B]\nBlkLen=[d]\n*\nRes1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\nRes2=[W]\nAttrib=[a]\nTime=[T1]Size=[D]\nName=[s13]\n",NULL}},
555 
556 {SMBfindnclose, "SMBfindnclose", 0,
557    {"Handle=[d]\n",NULL,NULL,NULL,NULL}},
558 
559 {SMBfindclose, "SMBfindclose", 0,
560    {"Handle=[d]\n",NULL,NULL,NULL,NULL}},
561 
562 {SMBsends,"SMBsends",0,
563    {NULL,"Source=[Z]\nDest=[Z]\n",NULL,NULL,NULL}},
564 
565 {SMBsendstrt,"SMBsendstrt",0,
566    {NULL,"Source=[Z]\nDest=[Z]\n","GroupID=[d]\n",NULL,NULL}},
567 
568 {SMBsendend,"SMBsendend",0,
569    {"GroupID=[d]\n",NULL,NULL,NULL,NULL}},
570 
571 {SMBsendtxt,"SMBsendtxt",0,
572    {"GroupID=[d]\n",NULL,NULL,NULL,NULL}},
573 
574 {SMBsendb,"SMBsendb",0,
575    {NULL,"Source=[Z]\nDest=[Z]\n",NULL,NULL,NULL}},
576 
577 {SMBfwdname,"SMBfwdname",0,DEFDESCRIPT},
578 {SMBcancelf,"SMBcancelf",0,DEFDESCRIPT},
579 {SMBgetmac,"SMBgetmac",0,DEFDESCRIPT},
580 
581 {SMBnegprot,"SMBnegprot",0,
582    {NULL,NULL,NULL,NULL,print_negprot}},
583 
584 {SMBsesssetupX,"SMBsesssetupX",FLG_CHAIN,
585    {NULL,NULL,NULL,NULL,print_sesssetup}},
586 
587 {SMBtconX,"SMBtconX",FLG_CHAIN,
588 {"Com2=[w]\nOff2=[d]\nFlags=[w]\nPassLen=[d]\nPasswd&Path&Device=\n",NULL,
589  "Com2=[w]\nOff2=[d]\n","ServiceType=[S]\n",NULL}},
590 
591 {SMBtrans2, "SMBtrans2",0,{NULL,NULL,NULL,NULL,print_trans2}},
592 
593 {SMBtranss2, "SMBtranss2", 0,DEFDESCRIPT},
594 {SMBctemp,"SMBctemp",0,DEFDESCRIPT},
595 {SMBreadBs,"SMBreadBs",0,DEFDESCRIPT},
596 {SMBtrans,"SMBtrans",0,{NULL,NULL,NULL,NULL,print_trans}},
597 
598 {SMBnttrans,"SMBnttrans", 0, DEFDESCRIPT},
599 {SMBnttranss,"SMBnttranss", 0, DEFDESCRIPT},
600 
601 {SMBntcreateX,"SMBntcreateX", FLG_CHAIN,
602 {"Com2=[w]\nOff2=[d]\nRes=[b]\nNameLen=[d]\nFlags=[W]\nRootDirectoryFid=[D]\nAccessMask=[W]\nAllocationSize=[L]\nExtFileAttributes=[W]\nShareAccess=[W]\nCreateDisposition=[W]\nCreateOptions=[W]\nImpersonationLevel=[W]\nSecurityFlags=[b]\n","Path=[S]\n",
603 	 "Com2=[w]\nOff2=[d]\nOplockLevel=[b]\nFid=[d]\nCreateAction=[W]\nCreateTime=[T3]LastAccessTime=[T3]LastWriteTime=[T3]ChangeTime=[T3]ExtFileAttributes=[W]\nAllocationSize=[L]\nEndOfFile=[L]\nFileType=[w]\nDeviceState=[w]\nDirectory=[b]\n", NULL}},
604 
605 {SMBntcancel,"SMBntcancel", 0, DEFDESCRIPT},
606 
607 {-1,NULL,0,DEFDESCRIPT}};
608 
609 
610 /*******************************************************************
611 print a SMB message
612 ********************************************************************/
613 static void print_smb(const uchar *buf, const uchar *maxbuf)
614 {
615   int command;
616   const uchar *words, *data;
617   struct smbfns *fn;
618   char *fmt_smbheader =
619 "[P4]SMB Command   =  [B]\nError class   =  [BP1]\nError code    =  [d]\nFlags1        =  [B]\nFlags2        =  [B][P13]\nTree ID       =  [d]\nProc ID       =  [d]\nUID           =  [d]\nMID           =  [d]\nWord Count    =  [b]\n";
620 
621   request = (CVAL(buf,9)&0x80)?0:1;
622 
623   command = CVAL(buf,4);
624 
625   fn = smbfind(command,smb_fns);
626 
627   printf("\nSMB PACKET: %s (%s)\n",fn->name,request?"REQUEST":"REPLY");
628 
629   if (vflag == 0) return;
630 
631   /* print out the header */
632   fdata(buf,fmt_smbheader,buf+33);
633 
634   if (CVAL(buf,5)) {
635     int class = CVAL(buf,5);
636     int num = SVAL(buf,7);
637     printf("SMBError = %s\n",smb_errstr(class,num));
638   }
639 
640   words = buf+32;
641   data = words + 1 + CVAL(words,0)*2;
642 
643 
644   while (words && data)
645     {
646       char *f1,*f2;
647       int wct = CVAL(words,0);
648 
649       if (request) {
650 	f1 = fn->descript.req_f1;
651 	f2 = fn->descript.req_f2;
652       } else {
653 	f1 = fn->descript.rep_f1;
654 	f2 = fn->descript.rep_f2;
655       }
656 
657       if (fn->descript.fn) {
658 	fn->descript.fn(words,data,buf,maxbuf);
659       } else {
660 	if (f1) {
661 	  printf("smbvwv[]=\n");
662 	  fdata(words+1,f1,words + 1 + wct*2);
663 	} else if (wct) {
664 	  int i;
665 	  int v;
666 	  printf("smbvwv[]=\n");
667 	  for (i=0;i<wct;i++) {
668 	    v = SVAL(words+1,2*i);
669 	    printf("smb_vwv[%d]=%d (0x%X)\n",i,v,v);
670 	  }
671 	}
672 
673 	if (f2) {
674 	  printf("smbbuf[]=\n");
675 	  fdata(data+2,f2,maxbuf);
676 	} else {
677 	  int bcc = SVAL(data,0);
678 	  printf("smb_bcc=%d\n",bcc);
679 	  if (bcc>0) {
680 	    printf("smb_buf[]=\n");
681 	    print_data(data + 2, MIN(bcc,PTR_DIFF(maxbuf,data+2)));
682 	  }
683 	}
684       }
685 
686       if ((fn->flags & FLG_CHAIN) && CVAL(words,0) && SVAL(words,1)!=0xFF) {
687 	command = SVAL(words,1);
688 	words = buf + SVAL(words,3);
689 	data = words + 1 + CVAL(words,0)*2;
690 
691 	fn = smbfind(command,smb_fns);
692 
693 	printf("\nSMB PACKET: %s (%s) (CHAINED)\n",fn->name,request?"REQUEST":"REPLY");
694       } else {
695 	words = data = NULL;
696       }
697     }
698 
699   printf("\n");
700 }
701 
702 
703 /*
704    print a NBT packet received across tcp on port 139
705 */
706 void nbt_tcp_print(const uchar *data,int length)
707 {
708   const uchar *maxbuf = data + length;
709   int flags = CVAL(data,0);
710   int nbt_len = RSVAL(data,2);
711 
712   startbuf = data;
713   if (maxbuf <= data) return;
714 
715   printf("\n>>> NBT Packet\n");
716 
717   switch (flags) {
718   case 1:
719     printf("flags=0x%x\n", flags);
720   case 0:
721     data = fdata(data,"NBT Session Packet\nFlags=[rw]\nLength=[rd]\n",data+4);
722     if (data == NULL)
723       break;
724     if (memcmp(data,"\377SMB",4)==0) {
725       if (nbt_len>PTR_DIFF(maxbuf,data))
726 	printf("WARNING: Short packet. Try increasing the snap length (%ld)\n",
727 	       PTR_DIFF(maxbuf,data));
728       print_smb(data,maxbuf>data+nbt_len?data+nbt_len:maxbuf);
729     } else {
730 	    printf("Session packet:(raw data?)\n");
731     }
732     break;
733 
734   case 0x81:
735     data = fdata(data,"NBT Session Request\nFlags=[rW]\nDestination=[n1]\nSource=[n1]\n",maxbuf);
736     break;
737 
738   case 0x82:
739     data = fdata(data,"NBT Session Granted\nFlags=[rW]\n",maxbuf);
740     break;
741 
742   case 0x83:
743     {
744       int ecode = CVAL(data,4);
745       data = fdata(data,"NBT SessionReject\nFlags=[rW]\nReason=[B]\n",maxbuf);
746       switch (ecode) {
747       case 0x80:
748 	printf("Not listening on called name\n");
749 	break;
750       case 0x81:
751 	printf("Not listening for calling name\n");
752 	break;
753       case 0x82:
754 	printf("Called name not present\n");
755 	break;
756       case 0x83:
757 	printf("Called name present, but insufficient resources\n");
758 	break;
759       default:
760 	printf("Unspecified error 0x%X\n",ecode);
761 	break;
762       }
763     }
764     break;
765 
766   case 0x85:
767     data = fdata(data,"NBT Session Keepalive\nFlags=[rW]\n",maxbuf);
768     break;
769 
770   default:
771     printf("flags=0x%x\n", flags);
772     data = fdata(data,"NBT - Unknown packet type\nType=[rW]\n",maxbuf);
773   }
774   printf("\n");
775   fflush(stdout);
776 }
777 
778 
779 /*
780    print a NBT packet received across udp on port 137
781 */
782 void nbt_udp137_print(const uchar *data, int length)
783 {
784   const uchar *maxbuf = data + length;
785   int name_trn_id = RSVAL(data,0);
786   int response = (CVAL(data,2)>>7);
787   int opcode = (CVAL(data,2) >> 3) & 0xF;
788   int nm_flags = ((CVAL(data,2) & 0x7) << 4) + (CVAL(data,3)>>4);
789   int rcode = CVAL(data,3) & 0xF;
790   int qdcount = RSVAL(data,4);
791   int ancount = RSVAL(data,6);
792   int nscount = RSVAL(data,8);
793   int arcount = RSVAL(data,10);
794   char *opcodestr;
795   const char *p;
796 
797   startbuf = data;
798 
799   if (maxbuf <= data) return;
800 
801   printf("\n>>> NBT UDP PACKET(137): ");
802 
803   switch (opcode) {
804   case 0: opcodestr = "QUERY"; break;
805   case 5: opcodestr = "REGISTRATION"; break;
806   case 6: opcodestr = "RELEASE"; break;
807   case 7: opcodestr = "WACK"; break;
808   case 8: opcodestr = "REFRESH(8)"; break;
809   case 9: opcodestr = "REFRESH"; break;
810   default: opcodestr = "OPUNKNOWN"; break;
811   }
812   printf("%s", opcodestr);
813   if (response) {
814     if (rcode)
815       printf("; NEGATIVE");
816     else
817       printf("; POSITIVE");
818   }
819 
820   if (response)
821     printf("; RESPONSE");
822   else
823     printf("; REQUEST");
824 
825   if (nm_flags&1)
826     printf("; BROADCAST");
827   else
828     printf("; UNICAST");
829 
830   if (vflag == 0) return;
831 
832   printf("\nTrnID=0x%X\nOpCode=%d\nNmFlags=0x%X\nRcode=%d\nQueryCount=%d\nAnswerCount=%d\nAuthorityCount=%d\nAddressRecCount=%d\n",
833 	 name_trn_id,opcode,nm_flags,rcode,qdcount,ancount,nscount,arcount);
834 
835   p = data + 12;
836 
837   {
838     int total = ancount+nscount+arcount;
839     int i;
840 
841     if (qdcount>100 || total>100) {
842       printf("Corrupt packet??\n");
843       return;
844     }
845 
846     if (qdcount) {
847       printf("QuestionRecords:\n");
848       for (i=0;i<qdcount;i++)
849 	p = fdata(p,"|Name=[n1]\nQuestionType=[rw]\nQuestionClass=[rw]\n#",maxbuf);
850 	if (p == NULL)
851 	  goto out;
852     }
853 
854     if (total) {
855       printf("\nResourceRecords:\n");
856       for (i=0;i<total;i++) {
857 	int rdlen;
858 	int restype;
859 	p = fdata(p,"Name=[n1]\n#",maxbuf);
860 	if (p == NULL)
861 	  goto out;
862 	restype = RSVAL(p,0);
863 	p = fdata(p,"ResType=[rw]\nResClass=[rw]\nTTL=[rD]\n",p+8);
864 	if (p == NULL)
865 	  goto out;
866 	rdlen = RSVAL(p,0);
867 	printf("ResourceLength=%d\nResourceData=\n",rdlen);
868 	p += 2;
869 	if (rdlen == 6) {
870 	  p = fdata(p,"AddrType=[rw]\nAddress=[b.b.b.b]\n",p+rdlen);
871 	  if (p == NULL)
872 	    goto out;
873 	} else {
874 	  if (restype == 0x21) {
875 	    int numnames = CVAL(p,0);
876 	    p = fdata(p,"NumNames=[B]\n",p+1);
877 	    if (p == NULL)
878 	      goto out;
879 	    while (numnames--) {
880 	      p = fdata(p,"Name=[n2]\t#",maxbuf);
881 	      if (p[0] & 0x80) printf("<GROUP> ");
882 	      switch (p[0] & 0x60) {
883 	      case 0x00: printf("B "); break;
884 	      case 0x20: printf("P "); break;
885 	      case 0x40: printf("M "); break;
886 	      case 0x60: printf("_ "); break;
887 	      }
888 	      if (p[0] & 0x10) printf("<DEREGISTERING> ");
889 	      if (p[0] & 0x08) printf("<CONFLICT> ");
890 	      if (p[0] & 0x04) printf("<ACTIVE> ");
891 	      if (p[0] & 0x02) printf("<PERMANENT> ");
892 	      printf("\n");
893 	      p += 2;
894 	    }
895 	  } else {
896 	    print_data(p,rdlen);
897 	    p += rdlen;
898 	  }
899 	}
900       }
901     }
902   }
903 
904   if ((uchar*)p < maxbuf) {
905     fdata(p,"AdditionalData:\n",maxbuf);
906   }
907 
908 out:
909   printf("\n");
910   fflush(stdout);
911 }
912 
913 
914 
915 /*
916    print a NBT packet received across udp on port 138
917 */
918 void nbt_udp138_print(const uchar *data, int length)
919 {
920   const uchar *maxbuf = data + length;
921   startbuf = data;
922   if (maxbuf <= data) return;
923 
924   data = fdata(data,"\n>>> NBT UDP PACKET(138) Res=[rw] ID=[rw] IP=[b.b.b.b] Port=[rd] Length=[rd] Res2=[rw]\nSourceName=[n1]\nDestName=[n1]\n#",maxbuf);
925 
926   if (data != NULL)
927     print_smb(data,maxbuf);
928 
929   printf("\n");
930   fflush(stdout);
931 }
932 
933 
934 
935 /*
936    print netbeui frames
937 */
938 void netbeui_print(u_short control, const uchar *data, const uchar *maxbuf)
939 {
940   int len = SVAL(data,0);
941   int command = CVAL(data,4);
942   const uchar *data2 = data + len;
943   int is_truncated = 0;
944 
945   if (data2 >= maxbuf) {
946     data2 = maxbuf;
947     is_truncated = 1;
948   }
949 
950   startbuf = data;
951 
952   printf("\n>>> NetBeui Packet\nType=0x%X ", control);
953   data = fdata(data,"Length=[d] Signature=[w] Command=[B]\n#",maxbuf);
954   if (data == NULL)
955     goto out;
956 
957   switch (command) {
958   case 0xA:
959     data = fdata(data,"NameQuery:[P1]\nSessionNumber=[B]\nNameType=[B][P2]\nResponseCorrelator=[w]\nDestination=[n2]\nSource=[n2]\n",data2);
960     break;
961 
962   case 0x8:
963     data = fdata(data,"NetbiosDataGram:[P7]\nDestination=[n2]\nSource=[n2]\n",data2);
964     break;
965 
966   case 0xE:
967     data = fdata(data,"NameRecognise:\n[P1]\nData2=[w]\nTransmitCorrelator=[w]\nResponseCorelator=[w]\nDestination=[n2]\nSource=[n2]\n",data2);
968     break;
969 
970   case 0x19:
971     data = fdata(data,"SessionInitialise:\nData1=[B]\nData2=[w]\nTransmitCorrelator=[w]\nResponseCorelator=[w]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n",data2);
972     break;
973 
974   case 0x17:
975     data = fdata(data,"SessionConfirm:\nData1=[B]\nData2=[w]\nTransmitCorrelator=[w]\nResponseCorelator=[w]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n",data2);
976     break;
977 
978   case 0x16:
979     data = fdata(data,"NetbiosDataOnlyLast:\nFlags=[{|NO_ACK|PIGGYBACK_ACK_ALLOWED|PIGGYBACK_ACK_INCLUDED|}]\nResyncIndicator=[w][P2]\nResponseCorelator=[w]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n",data2);
980     break;
981 
982   case 0x14:
983     data = fdata(data,"NetbiosDataAck:\n[P3]TransmitCorrelator=[w][P2]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n",data2);
984     break;
985 
986   case 0x18:
987     data = fdata(data,"SessionEnd:\n[P1]Data2=[w][P4]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n",data2);
988     break;
989 
990   case 0x1f:
991     data = fdata(data,"SessionAlive\n",data2);
992     break;
993 
994   default:
995     data = fdata(data,"Unknown Netbios Command ",data2);
996     break;
997   }
998   if (data == NULL)
999     goto out;
1000 
1001   if (is_truncated) {
1002     /* data2 was past the end of the buffer */
1003     goto out;
1004   }
1005 
1006   if (memcmp(data2,"\377SMB",4)==0) {
1007     print_smb(data2,maxbuf);
1008   } else {
1009     int i;
1010     for (i=0;i<128;i++) {
1011       if (&data2[i] >= maxbuf)
1012         break;
1013       if (memcmp(&data2[i],"\377SMB",4)==0) {
1014 	printf("found SMB packet at %d\n", i);
1015 	print_smb(&data2[i],maxbuf);
1016 	break;
1017       }
1018     }
1019   }
1020 
1021 out:
1022   printf("\n");
1023 }
1024 
1025 
1026 /*
1027    print IPX-Netbios frames
1028 */
1029 void ipx_netbios_print(const uchar *data, const uchar *maxbuf)
1030 {
1031   /* this is a hack till I work out how to parse the rest of the IPX stuff */
1032   int i;
1033   startbuf = data;
1034   for (i=0;i<128;i++)
1035     if (memcmp(&data[i],"\377SMB",4)==0) {
1036       fdata(data,"\n>>> IPX transport ",&data[i]);
1037       if (data != NULL)
1038 	print_smb(&data[i],maxbuf);
1039       printf("\n");
1040       fflush(stdout);
1041       break;
1042     }
1043   if (i==128)
1044     fdata(data,"\n>>> Unknown IPX ",maxbuf);
1045 }
1046