Hi Ferdinand,
It is fairly easy to filter on CIFS traffic only - simply use a filter
of "smb".
This will filter on only packets which Ethereal has determined to be
CIFS-related, including TCP ACK-only frames, etc.
It WON'T filter on traffic that may related to CIFS but not CIFS
itself, such as WINS, NetBIOS name service, DNS, MS-Kerberos, LDAP,
etc., however, building filters for these is also fairly easy, and you
can add statements together. See the Ethereal User's Guide (section
http://www.ethereal.com/docs/user-guide/ch03dispfilt.html) for details
on how to do this.
If you're looking to filter on specific CIFS commands or other fields,
take a look at the Ethereal man page for the smb.* fields.
Ian
On Saturday, March 22, 2003, at 04:09 PM, von Kuelmer, Ferdinand wrote:
Hi all,
i try to analyze a cifs trace.
Please, how can i set a special filter for cifs requests, responses,
close etc.
I know the filter expressions for tcp.ports, http.* and all the other
normal network traffic, but CIFS seems to be a protocol with a big
overhead and and a lot of undocumented procedures.
thx in advance
Ferdinand
_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users