Wireshark-dev: Re: [Wireshark-dev] Parsing SMB Packet

From: Mahendran <shmahendran@xxxxxxxxx>
Date: Wed, 24 Dec 2008 15:42:50 +0530
Thanks a lot, that exactly solves the problem that I have been facing.

On Wed, Dec 24, 2008 at 3:11 PM, Sake Blok <sake@xxxxxxxxxx> wrote:
Hi Mahendran,
 
I can reproduce your issue when I disable "Allow subdissector to reassemble TCP streams". When I have that setting enabled, packet 47,51 and 55 show up fine.
 
Can you check that setting in the TCP protocol preferences and enable it if it was disabled (as I would expect, based on your findings).
 
Cheers,
     Sake
----- Original Message -----
From: Mahendran
Sent: Tuesday, December 23, 2008 7:51 PM
Subject: [Wireshark-dev] Parsing SMB Packet

Hi,

I am using Wire Shark 1.0.5.

I am trying to capture the SMB packets using Wire Shark. It parses the SMB Request correctly but unable to parse the SBM Response that is sent from our device. The content are shown under "Continuation Data". If it parses properly that will help me in analyzing the packets. Could you please help me?

I have attached the capture for your analysis. Look at the packet no 47, 51 and 55.

Best Regards,
Mahendran


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe