Hi,
I need to generate traces of SMB traffic that will allow me to analyse
Windows client traffic :-)
To do this I am planning to capture traces in front of filers of various
sorts, and then reduce them using a modified version of Ethereal. To
reduce them I want to generate a simple text file with a line per command
with sufficient information such that I can run a Perl script or some such
that will allow me to extract interesting info.
I plan on capturing only enough bytes to allow me to see all the
parameters. This allows me to capture on GigE without losing packets.
I plan on adding some infrastructure to Ethereal to allow me to specify a
trace file and some macros, etc., to allow writing to the trace file.
Tethereal will be my preferred tool, so that I can generate the trace file
in one pass.
Does anyone have any comments?
Regards
-----
Richard Sharpe, rsharpe@xxxxxxxxxx, rsharpe@xxxxxxxxx,
sharpe@xxxxxxxxxxxx