Attached is a gzipped tar-ball of the packet-smb* files that
I have modified to add the SMB Mailslot protocol and the
SMB Netlogin protocol. I would check these into the CVS
system but I have changed so much and Richard has been
the primary developer for the SMB stuff, that I don't feel
comfortable doing that.
I broke the smb.c file into multiple files because I felt it
was growing too large and Rickard had comments to that effect.
I think the SMB decode has grown big enough to require it's
own sub-directory. Comments ?
Guy/Richard, please review the code and do what you have to do.
I have decided to call the registration routines from the
proto_register_smb routine. I don't know if this is the best
method. I just decided to do it because it was easy and I didn't
have to change register.c. You can move them to register.c if
you think that is best.
I have made some assumptions about the mailslot names in the
routine dissect_mailslot_smb. I assume that any mailslot that
begins with NET and that the two names MSSP and TEMP\\NETLOGON
are logon actions. This seems to work for the traffic on our
network. If this assumption falls apart the dissect_smb_logon_request
routine needs to save the names of the response pipes and the
dissect_mailslot_smb routines needs to check for these. I don't
have all the details worked out but it should be to hard to do.
Please review the routine display_flags in packet-smb-common.c,
It is designed to help decoding a flags field. I think this is
something that all of the dissectors could use. Currently it is
designed to handle flag fields that are 1, 2, or 4 bytes wide, but it
could be expanded to handle fields of any bit width.
Jeff Foster
jfoste@xxxxxxxxxxxx
Attachment:
new-smb.tar.gz
Description: Binary data