1 /* 2 Copyright (C) Andrew Tridgell 1995-1999 3 4 This software may be distributed either under the terms of the 5 BSD-style license that accompanies tcpdump or the GNU GPL version 2 6 or later */ 7 8 #ifdef HAVE_CONFIG_H 9 #include "config.h" 10 #endif 11 12 #ifndef lint 13 static const char rcsid[] = 14 "@(#) $Header: /tcpdump/master/tcpdump/print-smb.c,v 1.7 2000/12/05 06:42:47 guy Exp $"; 15 #endif 16 17 #include <stdio.h> 18 #include <string.h> 19 #include <sys/types.h> 20 21 #include "interface.h" 22 #include "smb.h" 23 24 static int request=0; 25 26 const uchar *startbuf=NULL; 27 28 struct smbdescript 29 { 30 char *req_f1; 31 char *req_f2; 32 char *rep_f1; 33 char *rep_f2; 34 void (*fn)(); /* sometimes (u_char *, u_char *, u_char *, u_char *) 35 and sometimes (u_char *, u_char *, int, int) */ 36 }; 37 38 struct smbfns 39 { 40 int id; 41 char *name; 42 int flags; 43 struct smbdescript descript; 44 }; 45 46 #define DEFDESCRIPT {NULL,NULL,NULL,NULL,NULL} 47 48 #define FLG_CHAIN (1<<0) 49 50 static struct smbfns *smbfind(int id,struct smbfns *list) 51 { 52 int sindex; 53 54 for (sindex=0;list[sindex].name;sindex++) 55 if (list[sindex].id == id) return(&list[sindex]); 56 57 return(&list[0]); 58 } 59 60 static void trans2_findfirst(uchar *param,uchar *data,int pcnt,int dcnt) 61 { 62 char *fmt; 63 64 if (request) { 65 fmt = "Attribute=[A]\nSearchCount=[d]\nFlags=[w]\nLevel=[dP5]\nFile=[S]\n"; 66 } else { 67 fmt = "Handle=[w]\nCount=[d]\nEOS=[w]\nEoffset=[d]\nLastNameOfs=[w]\n"; 68 } 69 70 fdata(param,fmt,param+pcnt); 71 if (dcnt) { 72 printf("data:\n"); 73 print_data(data,dcnt); 74 } 75 } 76 77 static void trans2_qfsinfo(uchar *param,uchar *data,int pcnt,int dcnt) 78 { 79 static int level=0; 80 char *fmt=""; 81 82 if (request) { 83 level = SVAL(param,0); 84 fmt = "InfoLevel=[d]\n"; 85 fdata(param,fmt,param+pcnt); 86 } else { 87 switch (level) { 88 case 1: 89 fmt = "idFileSystem=[W]\nSectorUnit=[D]\nUnit=[D]\nAvail=[D]\nSectorSize=[d]\n"; 90 break; 91 case 2: 92 fmt = "CreationTime=[T2]VolNameLength=[B]\nVolumeLabel=[s12]\n"; 93 break; 94 case 0x105: 95 fmt = "Capabilities=[W]\nMaxFileLen=[D]\nVolNameLen=[D]\nVolume=[S]\n"; 96 break; 97 default: 98 fmt = "UnknownLevel\n"; 99 } 100 fdata(data,fmt,data+dcnt); 101 } 102 if (dcnt) { 103 printf("data:\n"); 104 print_data(data,dcnt); 105 } 106 } 107 108 struct smbfns trans2_fns[] = { 109 {0,"TRANSACT2_OPEN",0, 110 {"Flags2=[w]\nMode=[w]\nSearchAttrib=[A]\nAttrib=[A]\nTime=[T2]\nOFun=[w]\nSize=[D]\nRes=([w,w,w,w,w])\nPath=[S]",NULL, 111 "Handle=[d]\nAttrib=[A]\nTime=[T2]\nSize=[D]\nAccess=[w]\nType=[w]\nState=[w]\nAction=[w]\nInode=[W]\nOffErr=[d]\n|EALength=[d]\n",NULL,NULL}}, 112 113 {1,"TRANSACT2_FINDFIRST",0, 114 {NULL,NULL,NULL,NULL,trans2_findfirst}}, 115 116 {2,"TRANSACT2_FINDNEXT",0,DEFDESCRIPT}, 117 118 {3,"TRANSACT2_QFSINFO",0, 119 {NULL,NULL,NULL,NULL,trans2_qfsinfo}}, 120 121 {4,"TRANSACT2_SETFSINFO",0,DEFDESCRIPT}, 122 {5,"TRANSACT2_QPATHINFO",0,DEFDESCRIPT}, 123 {6,"TRANSACT2_SETPATHINFO",0,DEFDESCRIPT}, 124 {7,"TRANSACT2_QFILEINFO",0,DEFDESCRIPT}, 125 {8,"TRANSACT2_SETFILEINFO",0,DEFDESCRIPT}, 126 {9,"TRANSACT2_FSCTL",0,DEFDESCRIPT}, 127 {10,"TRANSACT2_IOCTL",0,DEFDESCRIPT}, 128 {11,"TRANSACT2_FINDNOTIFYFIRST",0,DEFDESCRIPT}, 129 {12,"TRANSACT2_FINDNOTIFYNEXT",0,DEFDESCRIPT}, 130 {13,"TRANSACT2_MKDIR",0,DEFDESCRIPT}, 131 {-1,NULL,0,DEFDESCRIPT}}; 132 133 134 static void print_trans2(uchar *words,uchar *dat,uchar *buf,uchar *maxbuf) 135 { 136 static struct smbfns *fn = &trans2_fns[0]; 137 uchar *data,*param; 138 uchar *f1=NULL,*f2=NULL; 139 int pcnt,dcnt; 140 141 if (request) { 142 fn = smbfind(SVAL(words+1,14*2),trans2_fns); 143 data = buf+SVAL(words+1,12*2); 144 param = buf+SVAL(words+1,10*2); 145 pcnt = SVAL(words+1,9*2); 146 dcnt = SVAL(words+1,11*2); 147 } else { 148 data = buf+SVAL(words+1,7*2); 149 param = buf+SVAL(words+1,4*2); 150 pcnt = SVAL(words+1,3*2); 151 dcnt = SVAL(words+1,6*2); 152 } 153 154 printf("%s param_length=%d data_length=%d\n", 155 fn->name,pcnt,dcnt); 156 157 if (request) { 158 if (CVAL(words,0) == 8) { 159 fdata(words+1,"Trans2Secondary\nTotParam=[d]\nTotData=[d]\nParamCnt=[d]\nParamOff=[d]\nParamDisp=[d]\nDataCnt=[d]\nDataOff=[d]\nDataDisp=[d]\nHandle=[d]\n",maxbuf); 160 return; 161 } else { 162 fdata(words+1,"TotParam=[d]\nTotData=[d]\nMaxParam=[d]\nMaxData=[d]\nMaxSetup=[d]\nFlags=[w]\nTimeOut=[D]\nRes1=[w]\nParamCnt=[d]\nParamOff=[d]\nDataCnt=[d]\nDataOff=[d]\nSetupCnt=[d]\n",words+1+14*2); 163 fdata(data+1,"TransactionName=[S]\n%",maxbuf); 164 } 165 f1 = fn->descript.req_f1; 166 f2 = fn->descript.req_f2; 167 } else { 168 if (CVAL(words,0) == 0) { 169 printf("Trans2Interim\n"); 170 return; 171 } else { 172 fdata(words+1,"TotParam=[d]\nTotData=[d]\nRes1=[w]\nParamCnt=[d]\nParamOff=[d]\nParamDisp[d]\nDataCnt=[d]\nDataOff=[d]\nDataDisp=[d]\nSetupCnt=[d]\n",words+1+10*2); 173 } 174 f1 = fn->descript.rep_f1; 175 f2 = fn->descript.rep_f2; 176 } 177 178 if (fn->descript.fn) { 179 fn->descript.fn(param,data,pcnt,dcnt); 180 } else { 181 fdata(param,f1?f1:(uchar*)"Paramaters=\n",param+pcnt); 182 fdata(data,f2?f2:(uchar*)"Data=\n",data+dcnt); 183 } 184 } 185 186 187 static void print_browse(uchar *param,int paramlen,const uchar *data,int datalen) 188 { 189 const uchar *maxbuf = data + datalen; 190 int command = CVAL(data,0); 191 192 fdata(param,"BROWSE PACKET\n|Param ",param+paramlen); 193 194 switch (command) { 195 case 0xF: 196 data = fdata(data,"BROWSE PACKET:\nType=[B] (LocalMasterAnnouncement)\nUpdateCount=[w]\nRes1=[B]\nAnnounceInterval=[d]\nName=[n2]\nMajorVersion=[B]\nMinorVersion=[B]\nServerType=[W]\nElectionVersion=[w]\nBrowserConstant=[w]\n",maxbuf); 197 break; 198 199 case 0x1: 200 data = fdata(data,"BROWSE PACKET:\nType=[B] (HostAnnouncement)\nUpdateCount=[w]\nRes1=[B]\nAnnounceInterval=[d]\nName=[n2]\nMajorVersion=[B]\nMinorVersion=[B]\nServerType=[W]\nElectionVersion=[w]\nBrowserConstant=[w]\n",maxbuf); 201 break; 202 203 case 0x2: 204 data = fdata(data,"BROWSE PACKET:\nType=[B] (AnnouncementRequest)\nFlags=[B]\nReplySystemName=[S]\n",maxbuf); 205 break; 206 207 case 0xc: 208 data = fdata(data,"BROWSE PACKET:\nType=[B] (WorkgroupAnnouncement)\nUpdateCount=[w]\nRes1=[B]\nAnnounceInterval=[d]\nName=[n2]\nMajorVersion=[B]\nMinorVersion=[B]\nServerType=[W]\nCommentPointer=[W]\nServerName=[S]\n",maxbuf); 209 break; 210 211 case 0x8: 212 data = fdata(data,"BROWSE PACKET:\nType=[B] (ElectionFrame)\nElectionVersion=[B]\nOSSummary=[W]\nUptime=[(W,W)]\nServerName=[S]\n",maxbuf); 213 break; 214 215 case 0xb: 216 data = fdata(data,"BROWSE PACKET:\nType=[B] (BecomeBackupBrowser)\nName=[S]\n",maxbuf); 217 break; 218 219 case 0x9: 220 data = fdata(data,"BROWSE PACKET:\nType=[B] (GetBackupList)\nListCount?=[B]\nToken?=[B]\n",maxbuf); 221 break; 222 223 case 0xa: 224 data = fdata(data,"BROWSE PACKET:\nType=[B] (BackupListResponse)\nServerCount?=[B]\nToken?=[B]*Name=[S]\n",maxbuf); 225 break; 226 227 case 0xd: 228 data = fdata(data,"BROWSE PACKET:\nType=[B] (MasterAnnouncement)\nMasterName=[S]\n",maxbuf); 229 break; 230 231 case 0xe: 232 data = fdata(data,"BROWSE PACKET:\nType=[B] (ResetBrowser)\nOptions=[B]\n",maxbuf); 233 break; 234 235 default: 236 data = fdata(data,"Unknown Browser Frame ",maxbuf); 237 break; 238 } 239 } 240 241 242 static void print_ipc(uchar *param,int paramlen,uchar *data,int datalen) 243 { 244 if (paramlen) 245 fdata(param,"Command=[w]\nStr1=[S]\nStr2=[S]\n",param+paramlen); 246 if (datalen) 247 fdata(data,"IPC ",data+datalen); 248 } 249 250 251 static void print_trans(uchar *words,uchar *data1,uchar *buf,uchar *maxbuf) 252 { 253 uchar *f1,*f2,*f3,*f4; 254 uchar *data,*param; 255 int datalen,paramlen; 256 257 if (request) { 258 paramlen = SVAL(words+1,9*2); 259 param = buf + SVAL(words+1,10*2); 260 datalen = SVAL(words+1,11*2); 261 data = buf + SVAL(words+1,12*2); 262 f1 = "TotParamCnt=[d] \nTotDataCnt=[d] \nMaxParmCnt=[d] \nMaxDataCnt=[d]\nMaxSCnt=[d] \nTransFlags=[w] \nRes1=[w] \nRes2=[w] \nRes3=[w]\nParamCnt=[d] \nParamOff=[d] \nDataCnt=[d] \nDataOff=[d] \nSUCnt=[d]\n"; 263 f2 = "|Name=[S]\n"; 264 f3 = "|Param "; 265 f4 = "|Data "; 266 } else { 267 paramlen = SVAL(words+1,3*2); 268 param = buf + SVAL(words+1,4*2); 269 datalen = SVAL(words+1,6*2); 270 data = buf + SVAL(words+1,7*2); 271 f1 = "TotParamCnt=[d] \nTotDataCnt=[d] \nRes1=[d]\nParamCnt=[d] \nParamOff=[d] \nRes2=[d] \nDataCnt=[d] \nDataOff=[d] \nRes3=[d]\nLsetup=[d]\n"; 272 f2 = "|Unknown "; 273 f3 = "|Param "; 274 f4 = "|Data "; 275 } 276 277 fdata(words+1,f1,MIN(words+1+2*CVAL(words,0),maxbuf)); 278 fdata(data1+2,f2,maxbuf - (paramlen + datalen)); 279 280 if (!strcmp(data1+2,"\\MAILSLOT\\BROWSE")) { 281 print_browse(param,paramlen,data,datalen); 282 return; 283 } 284 285 if (!strcmp(data1+2,"\\PIPE\\LANMAN")) { 286 print_ipc(param,paramlen,data,datalen); 287 return; 288 } 289 290 if (paramlen) fdata(param,f3,MIN(param+paramlen,maxbuf)); 291 if (datalen) fdata(data,f4,MIN(data+datalen,maxbuf)); 292 } 293 294 295 296 static void print_negprot(uchar *words,uchar *data,uchar *buf,uchar *maxbuf) 297 { 298 uchar *f1=NULL,*f2=NULL; 299 300 if (request) { 301 f2 = "*|Dialect=[Z]\n"; 302 } else { 303 if (CVAL(words,0) == 1) { 304 f1 = "Core Protocol\nDialectIndex=[d]"; 305 } else if (CVAL(words,0) == 17) { 306 f1 = "NT1 Protocol\nDialectIndex=[d]\nSecMode=[B]\nMaxMux=[d]\nNumVcs=[d]\nMaxBuffer=[D]\nRawSize=[D]\nSessionKey=[W]\nCapabilities=[W]\nServerTime=[T3]TimeZone=[d]\nCryptKey="; 307 } else if (CVAL(words,0) == 13) { 308 f1 = "Coreplus/Lanman1/Lanman2 Protocol\nDialectIndex=[d]\nSecMode=[w]\nMaxXMit=[d]\nMaxMux=[d]\nMaxVcs=[d]\nBlkMode=[w]\nSessionKey=[W]\nServerTime=[T1]TimeZone=[d]\nRes=[W]\nCryptKey="; 309 } 310 } 311 312 if (f1) 313 fdata(words+1,f1,MIN(words + 1 + CVAL(words,0)*2,maxbuf)); 314 else 315 print_data(words+1,MIN(CVAL(words,0)*2,PTR_DIFF(maxbuf,words+1))); 316 317 if (f2) 318 fdata(data+2,f2,MIN(data + 2 + SVAL(data,0),maxbuf)); 319 else 320 print_data(data+2,MIN(SVAL(data,0),PTR_DIFF(maxbuf,data+2))); 321 322 } 323 324 static void print_sesssetup(uchar *words,uchar *data,uchar *buf,uchar *maxbuf) 325 { 326 int wcnt = CVAL(words,0); 327 uchar *f1=NULL,*f2=NULL; 328 329 if (request) { 330 if (wcnt==10) { 331 f1 = "Com2=[w]\nOff2=[d]\nBufSize=[d]\nMpxMax=[d]\nVcNum=[d]\nSessionKey=[W]\nPassLen=[d]\nCryptLen=[d]\nCryptOff=[d]\nPass&Name=\n"; 332 } else { 333 f1 = "Com2=[B]\nRes1=[B]\nOff2=[d]\nMaxBuffer=[d]\nMaxMpx=[d]\nVcNumber=[d]\nSessionKey=[W]\nCaseInsensitivePasswordLength=[d]\nCaseSensitivePasswordLength=[d]\nRes=[W]\nCapabilities=[W]\nPass1&Pass2&Account&Domain&OS&LanMan=\n"; 334 } 335 } else { 336 if (CVAL(words,0) == 3) { 337 f1 = "Com2=[w]\nOff2=[d]\nAction=[w]\n"; 338 } else if (CVAL(words,0) == 13) { 339 f1 = "Com2=[B]\nRes=[B]\nOff2=[d]\nAction=[w]\n"; 340 f2 = "NativeOS=[S]\nNativeLanMan=[S]\nPrimaryDomain=[S]\n"; 341 } 342 } 343 344 if (f1) 345 fdata(words+1,f1,MIN(words + 1 + CVAL(words,0)*2,maxbuf)); 346 else 347 print_data(words+1,MIN(CVAL(words,0)*2,PTR_DIFF(maxbuf,words+1))); 348 349 if (f2) 350 fdata(data+2,f2,MIN(data + 2 + SVAL(data,0),maxbuf)); 351 else 352 print_data(data+2,MIN(SVAL(data,0),PTR_DIFF(maxbuf,data+2))); 353 } 354 355 356 static struct smbfns smb_fns[] = 357 { 358 {-1,"SMBunknown",0,DEFDESCRIPT}, 359 360 {SMBtcon,"SMBtcon",0, 361 {NULL,"Path=[Z]\nPassword=[Z]\nDevice=[Z]\n", 362 "MaxXmit=[d]\nTreeId=[d]\n",NULL, 363 NULL}}, 364 365 366 {SMBtdis,"SMBtdis",0,DEFDESCRIPT}, 367 {SMBexit,"SMBexit",0,DEFDESCRIPT}, 368 {SMBioctl,"SMBioctl",0,DEFDESCRIPT}, 369 370 {SMBecho,"SMBecho",0, 371 {"ReverbCount=[d]\n",NULL, 372 "SequenceNum=[d]\n",NULL, 373 NULL}}, 374 375 {SMBulogoffX, "SMBulogoffX",FLG_CHAIN,DEFDESCRIPT}, 376 377 {SMBgetatr,"SMBgetatr",0, 378 {NULL,"Path=[Z]\n", 379 "Attribute=[A]\nTime=[T2]Size=[D]\nRes=([w,w,w,w,w])\n",NULL, 380 NULL}}, 381 382 {SMBsetatr,"SMBsetatr",0, 383 {"Attribute=[A]\nTime=[T2]Res=([w,w,w,w,w])\n","Path=[Z]\n", 384 NULL,NULL,NULL}}, 385 386 {SMBchkpth,"SMBchkpth",0, 387 {NULL,"Path=[Z]\n",NULL,NULL,NULL}}, 388 389 {SMBsearch,"SMBsearch",0, 390 {"Count=[d]\nAttrib=[A]\n","Path=[Z]\nBlkType=[B]\nBlkLen=[d]\n|Res1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\nRes2=[W]\n", 391 "Count=[d]\n","BlkType=[B]\nBlkLen=[d]\n*\nRes1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\nRes2=[W]\nAttrib=[a]\nTime=[T1]Size=[D]\nName=[s13]\n",NULL}}, 392 393 394 {SMBopen,"SMBopen",0, 395 {"Mode=[w]\nAttribute=[A]\n","Path=[Z]\n", 396 "Handle=[d]\nOAttrib=[A]\nTime=[T2]Size=[D]\nAccess=[w]\n",NULL, 397 NULL}}, 398 399 {SMBcreate,"SMBcreate",0, 400 {"Attrib=[A]\nTime=[T2]","Path=[Z]\n", 401 "Handle=[d]\n",NULL, 402 NULL}}, 403 404 {SMBmknew,"SMBmknew",0, 405 {"Attrib=[A]\nTime=[T2]","Path=[Z]\n", 406 "Handle=[d]\n",NULL, 407 NULL}}, 408 409 {SMBunlink,"SMBunlink",0, 410 {"Attrib=[A]\n","Path=[Z]\n",NULL,NULL,NULL}}, 411 412 {SMBread,"SMBread",0, 413 {"Handle=[d]\nByteCount=[d]\nOffset=[D]\nCountLeft=[d]\n",NULL, 414 "Count=[d]\nRes=([w,w,w,w])\n",NULL,NULL}}, 415 416 {SMBwrite,"SMBwrite",0, 417 {"Handle=[d]\nByteCount=[d]\nOffset=[D]\nCountLeft=[d]\n",NULL, 418 "Count=[d]\n",NULL,NULL}}, 419 420 {SMBclose,"SMBclose",0, 421 {"Handle=[d]\nTime=[T2]",NULL,NULL,NULL,NULL}}, 422 423 {SMBmkdir,"SMBmkdir",0, 424 {NULL,"Path=[Z]\n",NULL,NULL,NULL}}, 425 426 {SMBrmdir,"SMBrmdir",0, 427 {NULL,"Path=[Z]\n",NULL,NULL,NULL}}, 428 429 {SMBdskattr,"SMBdskattr",0, 430 {NULL,NULL, 431 "TotalUnits=[d]\nBlocksPerUnit=[d]\nBlockSize=[d]\nFreeUnits=[d]\nMedia=[w]\n", 432 NULL,NULL}}, 433 434 {SMBmv,"SMBmv",0, 435 {"Attrib=[A]\n","OldPath=[Z]\nNewPath=[Z]\n",NULL,NULL,NULL}}, 436 437 /* this is a Pathworks specific call, allowing the 438 changing of the root path */ 439 {pSETDIR,"SMBsetdir",0, 440 {NULL,"Path=[Z]\n",NULL,NULL,NULL}}, 441 442 {SMBlseek,"SMBlseek",0, 443 {"Handle=[d]\nMode=[w]\nOffset=[D]\n","Offset=[D]\n",NULL,NULL}}, 444 445 {SMBflush,"SMBflush",0, 446 {"Handle=[d]\n",NULL,NULL,NULL,NULL}}, 447 448 {SMBsplopen,"SMBsplopen",0, 449 {"SetupLen=[d]\nMode=[w]\n","Ident=[Z]\n","Handle=[d]\n",NULL,NULL}}, 450 451 {SMBsplclose,"SMBsplclose",0, 452 {"Handle=[d]\n",NULL,NULL,NULL,NULL}}, 453 454 {SMBsplretq,"SMBsplretq",0, 455 {"MaxCount=[d]\nStartIndex=[d]\n",NULL, 456 "Count=[d]\nIndex=[d]\n", 457 "*Time=[T2]Status=[B]\nJobID=[d]\nSize=[D]\nRes=[B]Name=[s16]\n", 458 NULL}}, 459 460 {SMBsplwr,"SMBsplwr",0, 461 {"Handle=[d]\n",NULL,NULL,NULL,NULL}}, 462 463 {SMBlock,"SMBlock",0, 464 {"Handle=[d]\nCount=[D]\nOffset=[D]\n",NULL,NULL,NULL,NULL}}, 465 466 {SMBunlock,"SMBunlock",0, 467 {"Handle=[d]\nCount=[D]\nOffset=[D]\n",NULL,NULL,NULL,NULL}}, 468 469 /* CORE+ PROTOCOL FOLLOWS */ 470 471 {SMBreadbraw,"SMBreadbraw",0, 472 {"Handle=[d]\nOffset=[D]\nMaxCount=[d]\nMinCount=[d]\nTimeOut=[D]\nRes=[d]\n", 473 NULL,NULL,NULL,NULL}}, 474 475 {SMBwritebraw,"SMBwritebraw",0, 476 {"Handle=[d]\nTotalCount=[d]\nRes=[w]\nOffset=[D]\nTimeOut=[D]\nWMode=[w]\nRes2=[W]\n|DataSize=[d]\nDataOff=[d]\n", 477 NULL,"WriteRawAck",NULL,NULL}}, 478 479 {SMBwritec,"SMBwritec",0, 480 {NULL,NULL,"Count=[d]\n",NULL,NULL}}, 481 482 {SMBwriteclose,"SMBwriteclose",0, 483 {"Handle=[d]\nCount=[d]\nOffset=[D]\nTime=[T2]Res=([w,w,w,w,w,w])",NULL, 484 "Count=[d]\n",NULL,NULL}}, 485 486 {SMBlockread,"SMBlockread",0, 487 {"Handle=[d]\nByteCount=[d]\nOffset=[D]\nCountLeft=[d]\n",NULL, 488 "Count=[d]\nRes=([w,w,w,w])\n",NULL,NULL}}, 489 490 {SMBwriteunlock,"SMBwriteunlock",0, 491 {"Handle=[d]\nByteCount=[d]\nOffset=[D]\nCountLeft=[d]\n",NULL, 492 "Count=[d]\n",NULL,NULL}}, 493 494 {SMBreadBmpx,"SMBreadBmpx",0, 495 {"Handle=[d]\nOffset=[D]\nMaxCount=[d]\nMinCount=[d]\nTimeOut=[D]\nRes=[w]\n", 496 NULL, 497 "Offset=[D]\nTotCount=[d]\nRemaining=[d]\nRes=([w,w])\nDataSize=[d]\nDataOff=[d]\n", 498 NULL,NULL}}, 499 500 {SMBwriteBmpx,"SMBwriteBmpx",0, 501 {"Handle=[d]\nTotCount=[d]\nRes=[w]\nOffset=[D]\nTimeOut=[D]\nWMode=[w]\nRes2=[W]\nDataSize=[d]\nDataOff=[d]\n",NULL, 502 "Remaining=[d]\n",NULL,NULL}}, 503 504 {SMBwriteBs,"SMBwriteBs",0, 505 {"Handle=[d]\nTotCount=[d]\nOffset=[D]\nRes=[W]\nDataSize=[d]\nDataOff=[d]\n",NULL, 506 "Count=[d]\n",NULL,NULL}}, 507 508 {SMBsetattrE,"SMBsetattrE",0, 509 {"Handle=[d]\nCreationTime=[T2]AccessTime=[T2]ModifyTime=[T2]",NULL, 510 NULL,NULL,NULL}}, 511 512 {SMBgetattrE,"SMBgetattrE",0, 513 {"Handle=[d]\n",NULL, 514 "CreationTime=[T2]AccessTime=[T2]ModifyTime=[T2]Size=[D]\nAllocSize=[D]\nAttribute=[A]\n",NULL,NULL}}, 515 516 {SMBtranss,"SMBtranss",0,DEFDESCRIPT}, 517 {SMBioctls,"SMBioctls",0,DEFDESCRIPT}, 518 519 {SMBcopy,"SMBcopy",0, 520 {"TreeID2=[d]\nOFun=[w]\nFlags=[w]\n","Path=[S]\nNewPath=[S]\n", 521 "CopyCount=[d]\n","|ErrStr=[S]\n",NULL}}, 522 523 {SMBmove,"SMBmove",0, 524 {"TreeID2=[d]\nOFun=[w]\nFlags=[w]\n","Path=[S]\nNewPath=[S]\n", 525 "MoveCount=[d]\n","|ErrStr=[S]\n",NULL}}, 526 527 {SMBopenX,"SMBopenX",FLG_CHAIN, 528 {"Com2=[w]\nOff2=[d]\nFlags=[w]\nMode=[w]\nSearchAttrib=[A]\nAttrib=[A]\nTime=[T2]OFun=[w]\nSize=[D]\nTimeOut=[D]\nRes=[W]\n","Path=[S]\n", 529 "Com2=[w]\nOff2=[d]\nHandle=[d]\nAttrib=[A]\nTime=[T2]Size=[D]\nAccess=[w]\nType=[w]\nState=[w]\nAction=[w]\nFileID=[W]\nRes=[w]\n",NULL,NULL}}, 530 531 {SMBreadX,"SMBreadX",FLG_CHAIN, 532 {"Com2=[w]\nOff2=[d]\nHandle=[d]\nOffset=[D]\nMaxCount=[d]\nMinCount=[d]\nTimeOut=[D]\nCountLeft=[d]\n",NULL, 533 "Com2=[w]\nOff2=[d]\nRemaining=[d]\nRes=[W]\nDataSize=[d]\nDataOff=[d]\nRes=([w,w,w,w])\n",NULL,NULL}}, 534 535 {SMBwriteX,"SMBwriteX",FLG_CHAIN, 536 {"Com2=[w]\nOff2=[d]\nHandle=[d]\nOffset=[D]\nTimeOut=[D]\nWMode=[w]\nCountLeft=[d]\nRes=[w]\nDataSize=[d]\nDataOff=[d]\n",NULL, 537 "Com2=[w]\nOff2=[d]\nCount=[d]\nRemaining=[d]\nRes=[W]\n",NULL,NULL}}, 538 539 {SMBlockingX,"SMBlockingX",FLG_CHAIN, 540 {"Com2=[w]\nOff2=[d]\nHandle=[d]\nLockType=[w]\nTimeOut=[D]\nUnlockCount=[d]\nLockCount=[d]\n", 541 "*Process=[d]\nOffset=[D]\nLength=[D]\n", 542 "Com2=[w]\nOff2=[d]\n"}}, 543 544 {SMBffirst,"SMBffirst",0, 545 {"Count=[d]\nAttrib=[A]\n","Path=[Z]\nBlkType=[B]\nBlkLen=[d]\n|Res1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\n", 546 "Count=[d]\n","BlkType=[B]\nBlkLen=[d]\n*\nRes1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\nRes2=[W]\nAttrib=[a]\nTime=[T1]Size=[D]\nName=[s13]\n",NULL}}, 547 548 {SMBfunique,"SMBfunique",0, 549 {"Count=[d]\nAttrib=[A]\n","Path=[Z]\nBlkType=[B]\nBlkLen=[d]\n|Res1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\n", 550 "Count=[d]\n","BlkType=[B]\nBlkLen=[d]\n*\nRes1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\nRes2=[W]\nAttrib=[a]\nTime=[T1]Size=[D]\nName=[s13]\n",NULL}}, 551 552 {SMBfclose,"SMBfclose",0, 553 {"Count=[d]\nAttrib=[A]\n","Path=[Z]\nBlkType=[B]\nBlkLen=[d]\n|Res1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\n", 554 "Count=[d]\n","BlkType=[B]\nBlkLen=[d]\n*\nRes1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\nRes2=[W]\nAttrib=[a]\nTime=[T1]Size=[D]\nName=[s13]\n",NULL}}, 555 556 {SMBfindnclose, "SMBfindnclose", 0, 557 {"Handle=[d]\n",NULL,NULL,NULL,NULL}}, 558 559 {SMBfindclose, "SMBfindclose", 0, 560 {"Handle=[d]\n",NULL,NULL,NULL,NULL}}, 561 562 {SMBsends,"SMBsends",0, 563 {NULL,"Source=[Z]\nDest=[Z]\n",NULL,NULL,NULL}}, 564 565 {SMBsendstrt,"SMBsendstrt",0, 566 {NULL,"Source=[Z]\nDest=[Z]\n","GroupID=[d]\n",NULL,NULL}}, 567 568 {SMBsendend,"SMBsendend",0, 569 {"GroupID=[d]\n",NULL,NULL,NULL,NULL}}, 570 571 {SMBsendtxt,"SMBsendtxt",0, 572 {"GroupID=[d]\n",NULL,NULL,NULL,NULL}}, 573 574 {SMBsendb,"SMBsendb",0, 575 {NULL,"Source=[Z]\nDest=[Z]\n",NULL,NULL,NULL}}, 576 577 {SMBfwdname,"SMBfwdname",0,DEFDESCRIPT}, 578 {SMBcancelf,"SMBcancelf",0,DEFDESCRIPT}, 579 {SMBgetmac,"SMBgetmac",0,DEFDESCRIPT}, 580 581 {SMBnegprot,"SMBnegprot",0, 582 {NULL,NULL,NULL,NULL,print_negprot}}, 583 584 {SMBsesssetupX,"SMBsesssetupX",FLG_CHAIN, 585 {NULL,NULL,NULL,NULL,print_sesssetup}}, 586 587 {SMBtconX,"SMBtconX",FLG_CHAIN, 588 {"Com2=[w]\nOff2=[d]\nFlags=[w]\nPassLen=[d]\nPasswd&Path&Device=\n",NULL, 589 "Com2=[w]\nOff2=[d]\n","ServiceType=[S]\n",NULL}}, 590 591 {SMBtrans2, "SMBtrans2",0,{NULL,NULL,NULL,NULL,print_trans2}}, 592 593 {SMBtranss2, "SMBtranss2", 0,DEFDESCRIPT}, 594 {SMBctemp,"SMBctemp",0,DEFDESCRIPT}, 595 {SMBreadBs,"SMBreadBs",0,DEFDESCRIPT}, 596 {SMBtrans,"SMBtrans",0,{NULL,NULL,NULL,NULL,print_trans}}, 597 598 {SMBnttrans,"SMBnttrans", 0, DEFDESCRIPT}, 599 {SMBnttranss,"SMBnttranss", 0, DEFDESCRIPT}, 600 601 {SMBntcreateX,"SMBntcreateX", FLG_CHAIN, 602 {"Com2=[w]\nOff2=[d]\nRes=[b]\nNameLen=[d]\nFlags=[W]\nRootDirectoryFid=[D]\nAccessMask=[W]\nAllocationSize=[L]\nExtFileAttributes=[W]\nShareAccess=[W]\nCreateDisposition=[W]\nCreateOptions=[W]\nImpersonationLevel=[W]\nSecurityFlags=[b]\n","Path=[S]\n", 603 "Com2=[w]\nOff2=[d]\nOplockLevel=[b]\nFid=[d]\nCreateAction=[W]\nCreateTime=[T3]LastAccessTime=[T3]LastWriteTime=[T3]ChangeTime=[T3]ExtFileAttributes=[W]\nAllocationSize=[L]\nEndOfFile=[L]\nFileType=[w]\nDeviceState=[w]\nDirectory=[b]\n", NULL}}, 604 605 {SMBntcancel,"SMBntcancel", 0, DEFDESCRIPT}, 606 607 {-1,NULL,0,DEFDESCRIPT}}; 608 609 610 /******************************************************************* 611 print a SMB message 612 ********************************************************************/ 613 static void print_smb(const uchar *buf, const uchar *maxbuf) 614 { 615 int command; 616 const uchar *words, *data; 617 struct smbfns *fn; 618 char *fmt_smbheader = 619 "[P4]SMB Command = [B]\nError class = [BP1]\nError code = [d]\nFlags1 = [B]\nFlags2 = [B][P13]\nTree ID = [d]\nProc ID = [d]\nUID = [d]\nMID = [d]\nWord Count = [b]\n"; 620 621 request = (CVAL(buf,9)&0x80)?0:1; 622 623 command = CVAL(buf,4); 624 625 fn = smbfind(command,smb_fns); 626 627 printf("\nSMB PACKET: %s (%s)\n",fn->name,request?"REQUEST":"REPLY"); 628 629 if (vflag == 0) return; 630 631 /* print out the header */ 632 fdata(buf,fmt_smbheader,buf+33); 633 634 if (CVAL(buf,5)) { 635 int class = CVAL(buf,5); 636 int num = SVAL(buf,7); 637 printf("SMBError = %s\n",smb_errstr(class,num)); 638 } 639 640 words = buf+32; 641 data = words + 1 + CVAL(words,0)*2; 642 643 644 while (words && data) 645 { 646 char *f1,*f2; 647 int wct = CVAL(words,0); 648 649 if (request) { 650 f1 = fn->descript.req_f1; 651 f2 = fn->descript.req_f2; 652 } else { 653 f1 = fn->descript.rep_f1; 654 f2 = fn->descript.rep_f2; 655 } 656 657 if (fn->descript.fn) { 658 fn->descript.fn(words,data,buf,maxbuf); 659 } else { 660 if (f1) { 661 printf("smbvwv[]=\n"); 662 fdata(words+1,f1,words + 1 + wct*2); 663 } else if (wct) { 664 int i; 665 int v; 666 printf("smbvwv[]=\n"); 667 for (i=0;i<wct;i++) { 668 v = SVAL(words+1,2*i); 669 printf("smb_vwv[%d]=%d (0x%X)\n",i,v,v); 670 } 671 } 672 673 if (f2) { 674 printf("smbbuf[]=\n"); 675 fdata(data+2,f2,maxbuf); 676 } else { 677 int bcc = SVAL(data,0); 678 printf("smb_bcc=%d\n",bcc); 679 if (bcc>0) { 680 printf("smb_buf[]=\n"); 681 print_data(data + 2, MIN(bcc,PTR_DIFF(maxbuf,data+2))); 682 } 683 } 684 } 685 686 if ((fn->flags & FLG_CHAIN) && CVAL(words,0) && SVAL(words,1)!=0xFF) { 687 command = SVAL(words,1); 688 words = buf + SVAL(words,3); 689 data = words + 1 + CVAL(words,0)*2; 690 691 fn = smbfind(command,smb_fns); 692 693 printf("\nSMB PACKET: %s (%s) (CHAINED)\n",fn->name,request?"REQUEST":"REPLY"); 694 } else { 695 words = data = NULL; 696 } 697 } 698 699 printf("\n"); 700 } 701 702 703 /* 704 print a NBT packet received across tcp on port 139 705 */ 706 void nbt_tcp_print(const uchar *data,int length) 707 { 708 const uchar *maxbuf = data + length; 709 int flags = CVAL(data,0); 710 int nbt_len = RSVAL(data,2); 711 712 startbuf = data; 713 if (maxbuf <= data) return; 714 715 printf("\n>>> NBT Packet\n"); 716 717 switch (flags) { 718 case 1: 719 printf("flags=0x%x\n", flags); 720 case 0: 721 data = fdata(data,"NBT Session Packet\nFlags=[rw]\nLength=[rd]\n",data+4); 722 if (data == NULL) 723 break; 724 if (memcmp(data,"\377SMB",4)==0) { 725 if (nbt_len>PTR_DIFF(maxbuf,data)) 726 printf("WARNING: Short packet. Try increasing the snap length (%ld)\n", 727 PTR_DIFF(maxbuf,data)); 728 print_smb(data,maxbuf>data+nbt_len?data+nbt_len:maxbuf); 729 } else { 730 printf("Session packet:(raw data?)\n"); 731 } 732 break; 733 734 case 0x81: 735 data = fdata(data,"NBT Session Request\nFlags=[rW]\nDestination=[n1]\nSource=[n1]\n",maxbuf); 736 break; 737 738 case 0x82: 739 data = fdata(data,"NBT Session Granted\nFlags=[rW]\n",maxbuf); 740 break; 741 742 case 0x83: 743 { 744 int ecode = CVAL(data,4); 745 data = fdata(data,"NBT SessionReject\nFlags=[rW]\nReason=[B]\n",maxbuf); 746 switch (ecode) { 747 case 0x80: 748 printf("Not listening on called name\n"); 749 break; 750 case 0x81: 751 printf("Not listening for calling name\n"); 752 break; 753 case 0x82: 754 printf("Called name not present\n"); 755 break; 756 case 0x83: 757 printf("Called name present, but insufficient resources\n"); 758 break; 759 default: 760 printf("Unspecified error 0x%X\n",ecode); 761 break; 762 } 763 } 764 break; 765 766 case 0x85: 767 data = fdata(data,"NBT Session Keepalive\nFlags=[rW]\n",maxbuf); 768 break; 769 770 default: 771 printf("flags=0x%x\n", flags); 772 data = fdata(data,"NBT - Unknown packet type\nType=[rW]\n",maxbuf); 773 } 774 printf("\n"); 775 fflush(stdout); 776 } 777 778 779 /* 780 print a NBT packet received across udp on port 137 781 */ 782 void nbt_udp137_print(const uchar *data, int length) 783 { 784 const uchar *maxbuf = data + length; 785 int name_trn_id = RSVAL(data,0); 786 int response = (CVAL(data,2)>>7); 787 int opcode = (CVAL(data,2) >> 3) & 0xF; 788 int nm_flags = ((CVAL(data,2) & 0x7) << 4) + (CVAL(data,3)>>4); 789 int rcode = CVAL(data,3) & 0xF; 790 int qdcount = RSVAL(data,4); 791 int ancount = RSVAL(data,6); 792 int nscount = RSVAL(data,8); 793 int arcount = RSVAL(data,10); 794 char *opcodestr; 795 const char *p; 796 797 startbuf = data; 798 799 if (maxbuf <= data) return; 800 801 printf("\n>>> NBT UDP PACKET(137): "); 802 803 switch (opcode) { 804 case 0: opcodestr = "QUERY"; break; 805 case 5: opcodestr = "REGISTRATION"; break; 806 case 6: opcodestr = "RELEASE"; break; 807 case 7: opcodestr = "WACK"; break; 808 case 8: opcodestr = "REFRESH(8)"; break; 809 case 9: opcodestr = "REFRESH"; break; 810 default: opcodestr = "OPUNKNOWN"; break; 811 } 812 printf("%s", opcodestr); 813 if (response) { 814 if (rcode) 815 printf("; NEGATIVE"); 816 else 817 printf("; POSITIVE"); 818 } 819 820 if (response) 821 printf("; RESPONSE"); 822 else 823 printf("; REQUEST"); 824 825 if (nm_flags&1) 826 printf("; BROADCAST"); 827 else 828 printf("; UNICAST"); 829 830 if (vflag == 0) return; 831 832 printf("\nTrnID=0x%X\nOpCode=%d\nNmFlags=0x%X\nRcode=%d\nQueryCount=%d\nAnswerCount=%d\nAuthorityCount=%d\nAddressRecCount=%d\n", 833 name_trn_id,opcode,nm_flags,rcode,qdcount,ancount,nscount,arcount); 834 835 p = data + 12; 836 837 { 838 int total = ancount+nscount+arcount; 839 int i; 840 841 if (qdcount>100 || total>100) { 842 printf("Corrupt packet??\n"); 843 return; 844 } 845 846 if (qdcount) { 847 printf("QuestionRecords:\n"); 848 for (i=0;i<qdcount;i++) 849 p = fdata(p,"|Name=[n1]\nQuestionType=[rw]\nQuestionClass=[rw]\n#",maxbuf); 850 if (p == NULL) 851 goto out; 852 } 853 854 if (total) { 855 printf("\nResourceRecords:\n"); 856 for (i=0;i<total;i++) { 857 int rdlen; 858 int restype; 859 p = fdata(p,"Name=[n1]\n#",maxbuf); 860 if (p == NULL) 861 goto out; 862 restype = RSVAL(p,0); 863 p = fdata(p,"ResType=[rw]\nResClass=[rw]\nTTL=[rD]\n",p+8); 864 if (p == NULL) 865 goto out; 866 rdlen = RSVAL(p,0); 867 printf("ResourceLength=%d\nResourceData=\n",rdlen); 868 p += 2; 869 if (rdlen == 6) { 870 p = fdata(p,"AddrType=[rw]\nAddress=[b.b.b.b]\n",p+rdlen); 871 if (p == NULL) 872 goto out; 873 } else { 874 if (restype == 0x21) { 875 int numnames = CVAL(p,0); 876 p = fdata(p,"NumNames=[B]\n",p+1); 877 if (p == NULL) 878 goto out; 879 while (numnames--) { 880 p = fdata(p,"Name=[n2]\t#",maxbuf); 881 if (p[0] & 0x80) printf("<GROUP> "); 882 switch (p[0] & 0x60) { 883 case 0x00: printf("B "); break; 884 case 0x20: printf("P "); break; 885 case 0x40: printf("M "); break; 886 case 0x60: printf("_ "); break; 887 } 888 if (p[0] & 0x10) printf("<DEREGISTERING> "); 889 if (p[0] & 0x08) printf("<CONFLICT> "); 890 if (p[0] & 0x04) printf("<ACTIVE> "); 891 if (p[0] & 0x02) printf("<PERMANENT> "); 892 printf("\n"); 893 p += 2; 894 } 895 } else { 896 print_data(p,rdlen); 897 p += rdlen; 898 } 899 } 900 } 901 } 902 } 903 904 if ((uchar*)p < maxbuf) { 905 fdata(p,"AdditionalData:\n",maxbuf); 906 } 907 908 out: 909 printf("\n"); 910 fflush(stdout); 911 } 912 913 914 915 /* 916 print a NBT packet received across udp on port 138 917 */ 918 void nbt_udp138_print(const uchar *data, int length) 919 { 920 const uchar *maxbuf = data + length; 921 startbuf = data; 922 if (maxbuf <= data) return; 923 924 data = fdata(data,"\n>>> NBT UDP PACKET(138) Res=[rw] ID=[rw] IP=[b.b.b.b] Port=[rd] Length=[rd] Res2=[rw]\nSourceName=[n1]\nDestName=[n1]\n#",maxbuf); 925 926 if (data != NULL) 927 print_smb(data,maxbuf); 928 929 printf("\n"); 930 fflush(stdout); 931 } 932 933 934 935 /* 936 print netbeui frames 937 */ 938 void netbeui_print(u_short control, const uchar *data, const uchar *maxbuf) 939 { 940 int len = SVAL(data,0); 941 int command = CVAL(data,4); 942 const uchar *data2 = data + len; 943 int is_truncated = 0; 944 945 if (data2 >= maxbuf) { 946 data2 = maxbuf; 947 is_truncated = 1; 948 } 949 950 startbuf = data; 951 952 printf("\n>>> NetBeui Packet\nType=0x%X ", control); 953 data = fdata(data,"Length=[d] Signature=[w] Command=[B]\n#",maxbuf); 954 if (data == NULL) 955 goto out; 956 957 switch (command) { 958 case 0xA: 959 data = fdata(data,"NameQuery:[P1]\nSessionNumber=[B]\nNameType=[B][P2]\nResponseCorrelator=[w]\nDestination=[n2]\nSource=[n2]\n",data2); 960 break; 961 962 case 0x8: 963 data = fdata(data,"NetbiosDataGram:[P7]\nDestination=[n2]\nSource=[n2]\n",data2); 964 break; 965 966 case 0xE: 967 data = fdata(data,"NameRecognise:\n[P1]\nData2=[w]\nTransmitCorrelator=[w]\nResponseCorelator=[w]\nDestination=[n2]\nSource=[n2]\n",data2); 968 break; 969 970 case 0x19: 971 data = fdata(data,"SessionInitialise:\nData1=[B]\nData2=[w]\nTransmitCorrelator=[w]\nResponseCorelator=[w]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n",data2); 972 break; 973 974 case 0x17: 975 data = fdata(data,"SessionConfirm:\nData1=[B]\nData2=[w]\nTransmitCorrelator=[w]\nResponseCorelator=[w]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n",data2); 976 break; 977 978 case 0x16: 979 data = fdata(data,"NetbiosDataOnlyLast:\nFlags=[{|NO_ACK|PIGGYBACK_ACK_ALLOWED|PIGGYBACK_ACK_INCLUDED|}]\nResyncIndicator=[w][P2]\nResponseCorelator=[w]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n",data2); 980 break; 981 982 case 0x14: 983 data = fdata(data,"NetbiosDataAck:\n[P3]TransmitCorrelator=[w][P2]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n",data2); 984 break; 985 986 case 0x18: 987 data = fdata(data,"SessionEnd:\n[P1]Data2=[w][P4]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n",data2); 988 break; 989 990 case 0x1f: 991 data = fdata(data,"SessionAlive\n",data2); 992 break; 993 994 default: 995 data = fdata(data,"Unknown Netbios Command ",data2); 996 break; 997 } 998 if (data == NULL) 999 goto out; 1000 1001 if (is_truncated) { 1002 /* data2 was past the end of the buffer */ 1003 goto out; 1004 } 1005 1006 if (memcmp(data2,"\377SMB",4)==0) { 1007 print_smb(data2,maxbuf); 1008 } else { 1009 int i; 1010 for (i=0;i<128;i++) { 1011 if (&data2[i] >= maxbuf) 1012 break; 1013 if (memcmp(&data2[i],"\377SMB",4)==0) { 1014 printf("found SMB packet at %d\n", i); 1015 print_smb(&data2[i],maxbuf); 1016 break; 1017 } 1018 } 1019 } 1020 1021 out: 1022 printf("\n"); 1023 } 1024 1025 1026 /* 1027 print IPX-Netbios frames 1028 */ 1029 void ipx_netbios_print(const uchar *data, const uchar *maxbuf) 1030 { 1031 /* this is a hack till I work out how to parse the rest of the IPX stuff */ 1032 int i; 1033 startbuf = data; 1034 for (i=0;i<128;i++) 1035 if (memcmp(&data[i],"\377SMB",4)==0) { 1036 fdata(data,"\n>>> IPX transport ",&data[i]); 1037 if (data != NULL) 1038 print_smb(&data[i],maxbuf); 1039 printf("\n"); 1040 fflush(stdout); 1041 break; 1042 } 1043 if (i==128) 1044 fdata(data,"\n>>> Unknown IPX ",maxbuf); 1045 } 1046