snoop_smb.c revision 7c478bd95313f5f23a4c958a745db2134aa03244
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright (c) 1999-2000 by Sun Microsystems, Inc.
* All rights reserved.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
/*
* References used throughout this code:
*
* [CIFS/1.0] : A Common Internet File System (CIFS/1.0) Protocol
* Internet Engineering Task Force (IETF) draft
* Paul J. Leach, Microsoft, Dec. 1997
*
*/
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "snoop.h"
/* some macros just for compactness */
/*
* SMB Format (header)
*/
struct smb {
/*
* immediately after the above 32 byte header:
* unsigned char WordCount;
* unsigned short ParameterWords[ WordCount ];
* unsigned short ByteCount;
* unsigned char ParameterBytes[ ByteCount ];
*/
};
/* smb flags */
#define SERVER_RESPONSE 0x80
static void interpret_sesssetupX(DECARGS);
static void interpret_tconX(DECARGS);
static void interpret_trans(DECARGS);
static void interpret_trans2(DECARGS);
static void interpret_negprot(DECARGS);
static void interpret_default(DECARGS);
/*
* Trans2 subcommand codes
*/
#define TRANS2_OPEN 0x00
#define TRANS2_FIND_FIRST 0x01
#define TRANS2_FIND_NEXT2 0x02
#define TRANS2_QUERY_FS_INFORMATION 0x03
#define TRANS2_QUERY_PATH_INFORMATION 0x05
#define TRANS2_SET_PATH_INFORMATION 0x06
#define TRANS2_QUERY_FILE_INFORMATION 0x07
#define TRANS2_SET_FILE_INFORMATION 0x08
#define TRANS2_CREATE_DIRECTORY 0x0D
struct decode {
char *name;
char *callfmt;
char *replyfmt;
};
/*
* SMB command codes (function names)
*/
/* 0x00 */
{ "mkdir", 0, 0, 0 },
{ "rmdir", 0, 0, 0 },
{ "open", 0, 0, 0 },
{ "create", 0, 0, 0 },
{
"close", 0,
"WFileID\0lLastModTime\0wByteCount\0\0",
"wByteCount\0\0"
},
{ "flush", 0, 0, 0 },
{ "unlink", 0, 0, 0 },
{
"mv", 0,
"wFileAttributes\0wByteCount\0"
"r\0UFileName\0r\0UNewPath\0\0",
"wByteCount\0\0"
},
{
"getatr", 0,
"dBytecount\0r\0UFileName\0\0",
"wFileAttributes\0lTime\0lSize\0R\0R\0R\0"
"R\0R\0wByteCount\0\0"
},
{ "setatr", 0, 0, 0 },
{
"read", 0,
"WFileID\0wI/0 Bytes\0LFileOffset\0"
"WBytesLeft\0wByteCount\0\0",
"WDataLength\0R\0R\0R\0R\0wByteCount\0\0"
},
{
"write", 0,
"WFileID\0wI/0 Bytes\0LFileOffset\0WBytesLeft\0"
"wByteCount\0\0",
"WDataLength\0wByteCount\0\0"
},
{ "lock", 0, 0, 0 },
{ "unlock", 0, 0, 0 },
{ "ctemp", 0, 0, 0 },
{ "mknew", 0, 0, 0 },
/* 0x10 */
{
"chkpth", 0,
"wByteCount\0r\0UFile\0\0",
"wByteCount\0\0"
},
{ "exit", 0, 0, 0 },
{ "lseek", 0, 0, 0 },
{ "lockread", 0, 0, 0 },
{ "writeunlock", 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{
"readbraw", 0,
"WFileID\0LFileOffset\0wMaxCount\0"
"wMinCount\0lTimeout\0R\0wByteCount\0\0", 0
},
{ "readbmpx", 0, 0, 0 },
{ "readbs", 0, 0, 0 },
{ "writebraw", 0, 0, 0 },
{ "writebmpx", 0, 0, 0 },
{ "writebs", 0, 0, 0 },
/* 0x20 */
{ "writec", 0, 0, 0 },
{ "qrysrv", 0, 0, 0 },
{ "setattrE", 0, 0, 0 },
{ "getattrE", 0, 0, 0 },
{
"lockingX", 0,
"wChainedCommand\0wNextOffset\0WFileID\0"
"wLockType\0lOpenTimeout\0"
"W#Unlocks\0W#Locks\0wByteCount\0\0", 0
},
{ "trans", interpret_trans, 0, 0 },
{ "transs", 0, 0, 0 },
{ "ioctl", 0, 0, 0 },
{ "ioctls", 0, 0, 0 },
{ "copy", 0, 0, 0 },
{ "move", 0, 0, 0 },
{ "echo", 0, 0, 0 },
{ "writeclose", 0, 0, 0 },
{
"openX", 0,
"wChainedCommand\0wNextOffset\0wFlags\0"
"wMode\0wSearchAttributes\0wFileAttributes\0"
"lTime\0wOpenFunction\0lFileSize\0lOpenTimeout\0"
"R\0R\0wByteCount\0r\0UFileName\0\0",
"wChainedCommand\0wNextOffset\0WFileID\0"
"wAttributes\0lTime\0LSize\0wOpenMode\0"
"wFileType\0wDeviceState\0wActionTaken\0"
"lUniqueFileID\0R\0wBytecount\0\0"
},
{ "readX", 0, 0, 0 },
{ "writeX", 0, 0, 0 },
/* 0x30 */
{ 0, 0, 0, 0 },
{ "closeTD", 0, 0, 0 },
{ "trans2", interpret_trans2, 0, 0 },
{ "trans2s", 0, 0, 0 },
{
"findclose", 0,
"WFileID\0wByteCount\0\0",
"wByteCount\0\0"
},
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
/* 0x40 */
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
/* 0x50 */
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
/* 0x60 */
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
/* 0x70 */
{ "tcon", 0, 0, 0 },
{
"tdis", 0,
"wByteCount\0\0",
"wByteCount\0\0"
},
{ "negprot", interpret_negprot, 0, 0 },
{ "sesssetupX", interpret_sesssetupX, 0, 0 },
{
"uloggoffX", 0,
"wChainedCommand\0wNextOffset\0\0",
"wChainedCommnad\0wNextOffset\0\0" },
{ "tconX", interpret_tconX, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
/* 0x80 */
{ "dskattr", 0, 0, 0 },
{ "search", 0, 0, 0 },
{ "ffirst", 0, 0, 0 },
{ "funique", 0, 0, 0 },
{ "fclose", 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
/* 0x90 */
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
/* 0xa0 */
/*
* Command codes 0xa0 to 0xa7 are from
* [CIFS/1.0, Sec. 5.1]
*/
{ " NT_Trans", 0, 0, 0 },
{ " NT_Trans2", 0, 0, 0 },
{
" NT_CreateX", 0,
/* [CIFS/1.0, Sec. 4.2.1] */
"wChainedCommand\0wNextOffset\0r\0"
"wNameLength\0lCreateFlags\0lRootDirFID\0"
"lDesiredAccess\0R\0R\0R\0R\0"
"lNTFileAttributes\0lFileShareAccess\0"
"R\0R\0lCreateOption\0lImpersonationLevel\0"
"bSecurityFlags\0wByteCount\0r\0"
"UFileName\0\0",
"wChainedCommand\0wNextOffset\0"
"bOplockLevel\0WFileID\0lCreateAction\0\0"
},
{ 0, 0, 0, 0 },
{
" NT_Cancel", 0,
/* [CIFS/1.0, Sec. 4.1.8] */
"wByteCount\0", 0
},
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
/* 0xb0 */
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
/* 0xc0 */
{ "splopen", 0, 0, 0 },
{ "splwr", 0, 0, 0 },
{ "splclose", 0, 0, 0 },
{ "splretq", 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
/* 0xd0 */
{ "sends", 0, 0, 0 },
{ "sendb", 0, 0, 0 },
{ "fwdname", 0, 0, 0 },
{ "cancelf", 0, 0, 0 },
{ "getmac", 0, 0, 0 },
{ "sendstrt", 0, 0, 0 },
{ "sendend", 0, 0, 0 },
{ "sendtxt", 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
/* 0xe0 */
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
/* 0xf0 */
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 },
{ 0, 0, 0, 0 }
};
/* Helpers to get short and int values in Intel order. */
static ushort_t
return (p[0] + (p[1]<<8));
}
static uint_t
return (p[0] + (p[1]<<8) + (p[2]<<16) + (p[3]<<24));
}
/*
* This is called by snoop_netbios.c.
* This is the external entry point.
*/
void
{
char *call_reply_detail, *call_reply_sum;
char xtra[300];
char *line;
call_reply_detail = "SERVER RESPONSE";
call_reply_sum = "R";
} else {
call_reply_detail = "CLIENT REQUEST";
call_reply_sum = "C";
}
xtra[0] = '\0';
/*
* SMB Header description
*/
show_space();
show_space();
case 0x00:
" - Error class = No error");
break;
case 0x01:
" - Error class = Operating System");
break;
case 0x02:
" - Error class = LMX server");
break;
case 0x03:
" - Error class = Hardware");
break;
case 0xff:
default:
" - Error class = Incorrect format.");
break;
}
} else
show_space();
show_space();
}
else
line = get_sum_line();
"SMB %s Code=0x%x Name=SMB%s %sError=%x ",
}
show_trailer();
}
static void
{
int i;
char buff[80];
char word[10];
for (i = 0; i < bytecount; i++) {
}
}
}
/*
* Based on the Unicode Standard, http://www.unicode.org/
* "The Unicode Standard: A Technical Introduction", June 1998
*/
static int
{
int i = 0, j = 0;
char c;
/* Show unicode chars >= 256 as '?' */
if (instr[i+1])
c = '?';
else
c = instr[i];
if (c == '\0')
break;
outstr[j] = c;
i += 2;
j++;
}
outstr[j] = '\0';
return (j);
}
/*
* TRANS2 information levels
*/
static void
{
switch (value) {
case 1:
case 2:
case 3:
case 0x101:
case 0x102:
case 0x103:
case 0x104:
default:
}
}
/*
* Interpret TRANS2_QUERY_PATH subcommand
*/
/* ARGSUSED */
static void
{
int length;
char filename[256];
data += 6;
}
data += 6;
filename);
}
}
/*
* Interpret TRANS2_QUERY_FILE subcommand
*/
/* ARGSUSED */
static void
{
int length;
}
data += 2;
}
}
/*
* Interpret TRANS2_SET_FILE subcommand
*/
/* ARGSUSED */
static void
{
int length;
}
data += 2;
}
}
/*
* Interpret TRANS2_FIND_FIRST subcommand
*/
/* ARGSUSED */
static void
{
int length;
char filename[256];
char infolevel[100];
data += 12;
}
data += 2;
data += 2;
data += 2;
data += 6;
filename);
}
}
/*
* Interpret TRANS2_FIND_NEXT subcommand
*/
/* ARGSUSED */
static void
{
int length;
char filename[256];
char infolevel[100];
data += 12;
}
data += 2;
data += 2;
data += 2;
data += 4;
data += 2;
filename);
}
}
/*
* Interpret a "Negprot" SMB
*/
/* ARGSUSED */
static void
{
int length;
int bytecount;
char dialect[256];
protodata++; /* skip wordcount */
}
protodata[0]);
}
} else {
/*
* request packet:
* short bytecount;
* struct { char fmt; char name[]; } dialects
*/
protodata += 2;
while (bytecount > 1) {
}
}
while (bytecount > 1) {
dialect);
}
}
}
}
/*
* LAN Manager remote admin function names.
*/
static const char *apinames[] = {
"RNetShareEnum",
"RNetShareGetInfo",
"NetShareSetInfo",
"NetShareAdd",
"NetShareDel",
"NetShareCheck",
"NetSessionEnum",
"NetSessionGetInfo",
"NetSessionDel",
"NetConnectionEnum",
"NetFileEnum",
"NetFileGetInfo",
"NetFileClose",
"RNetServerGetInfo",
"NetServerSetInfo",
"NetServerDiskEnum",
"NetServerAdminCommand",
"NetAuditOpen",
"NetAuditClear",
"NetErrorLogOpen",
"NetErrorLogClear",
"NetCharDevEnum",
"NetCharDevGetInfo",
"NetCharDevControl",
"NetCharDevQEnum",
"NetCharDevQGetInfo",
"NetCharDevQSetInfo",
"NetCharDevQPurge",
"RNetCharDevQPurgeSelf",
"NetMessageNameEnum",
"NetMessageNameGetInfo",
"NetMessageNameAdd",
"NetMessageNameDel",
"NetMessageNameFwd",
"NetMessageNameUnFwd",
"NetMessageBufferSend",
"NetMessageFileSend",
"NetMessageLogFileSet",
"NetMessageLogFileGet",
"NetServiceEnum",
"RNetServiceInstall",
"RNetServiceControl",
"RNetAccessEnum",
"RNetAccessGetInfo",
"RNetAccessSetInfo",
"RNetAccessAdd",
"RNetAccessDel",
"NetGroupEnum",
"NetGroupAdd",
"NetGroupDel",
"NetGroupAddUser",
"NetGroupDelUser",
"NetGroupGetUsers",
"NetUserEnum",
"RNetUserAdd",
"NetUserDel",
"NetUserGetInfo",
"RNetUserSetInfo",
"RNetUserPasswordSet",
"NetUserGetGroups",
"NetWkstaLogon",
"NetWkstaLogoff",
"NetWkstaSetUID",
"NetWkstaGetInfo",
"NetWkstaSetInfo",
"NetUseEnum",
"NetUseAdd",
"NetUseDel",
"NetUseGetInfo",
"DosPrintQEnum",
"DosPrintQGetInfo",
"DosPrintQSetInfo",
"DosPrintQAdd",
"DosPrintQDel",
"DosPrintQPause",
"DosPrintQContinue",
"DosPrintJobEnum",
"DosPrintJobGetInfo",
"RDosPrintJobSetInfo",
"DosPrintJobAdd",
"DosPrintJobSchedule",
"RDosPrintJobDel",
"RDosPrintJobPause",
"RDosPrintJobContinue",
"DosPrintDestEnum",
"DosPrintDestGetInfo",
"DosPrintDestControl",
"NetProfileSave",
"NetProfileLoad",
"NetStatisticsGet",
"NetStatisticsClear",
"NetRemoteTOD",
"NetBiosEnum",
"NetBiosGetInfo",
"NetServerEnum",
"I_NetServerEnum",
"NetServiceGetInfo",
"NetSplQmAbort",
"NetSplQmClose",
"NetSplQmEndDoc",
"NetSplQmOpen",
"NetSplQmStartDoc",
"NetSplQmWrite",
"DosPrintQPurge",
"NetServerEnum2"
};
static const int apimax = (
sizeof (apinames) /
sizeof (apinames[0]));
/*
* Interpret a "trans" SMB
*
* This is very much like "trans2" below.
*/
/* ARGSUSED */
static void
{
int wordcount;
int bytecount;
int parambytes;
int paramoffset;
int setupcount;
int subcode;
int apinum;
int isunicode;
char filename[256];
byteparms += 2;
/*
* Print the lengths before we (potentially) bail out
* due to lack of data (so the user knows why we did).
*/
}
/* Get length and location of params and setup data. */
/* CALL */
if (wordcount < 14)
return;
} else {
/* REPLY */
if (wordcount < 10)
return;
}
if (setupcount > 0)
else
/* The parameters are offset from the SMB header. */
if (parambytes > 0)
else
/* Is the pathname in unicode? */
/* This is a CALL. */
/* print the word parameters */
/* skip Reserved2 */
/* That finishes the VWV, now the misc. stuff. */
if (subcode >= 0)
if (apinum >= 0)
/* Finally, print the byte parameters. */
if (isunicode) {
(void) unicode2ascii(
} else {
}
}
/* This is a REPLY. */
/* print the word parameters */
/* skip Reserved */
}
}
/*
* Interpret a "TconX" SMB
*/
/* ARGSUSED */
static void
{
int length;
int bytecount;
int passwordlength;
int wordcount;
char tempstring[256];
tcondata += 6;
}
tcondata += 8;
}
tcondata[0]);
tcondata += 2;
tcondata += 2;
tcondata += 2;
tcondata += 2;
}
tcondata[0]);
tcondata += 2;
tcondata += 2;
tcondata += 2;
tcondata += 2;
}
}
/*
* Interpret a "SesssetupX" SMB
*/
/* ARGSUSED */
static void
{
int length;
int bytecount;
int passwordlength;
int isunicode;
int upasswordlength;
int wordcount;
int cap;
char tempstring[256];
if (wordcount != 13)
return;
setupdata += 14;
setupdata += 2;
setupdata += 6;
if (isunicode) {
setupdata += 1;
} else {
}
}
if (wordcount != 13)
return;
setupdata[0]);
setupdata += 2;
setupdata += 2;
setupdata += 2;
setupdata += 2;
setupdata += 2;
setupdata += 4;
setupdata += 2;
setupdata += 6;
setupdata += 4;
if (isunicode) {
setupdata++;
if (length == 2) {
"AccountName = %s", tempstring);
"DomainName = %s", tempstring);
setupdata += 3;
} else {
"AccountName = %s", tempstring);
"DomainName = %s", tempstring);
}
"NativeOS = %s", tempstring);
"NativeLanman = %s", tempstring);
} else {
}
}
if (wordcount != 3)
return;
setupdata[0]);
setupdata += 2;
setupdata += 2;
setupdata += 2;
setupdata += 2;
}
}
/*
* Interpret "Trans2" SMB
*
* This is very much like "trans" above.
*/
/* ARGSUSED */
static void
{
int wordcount;
int bytecount;
int parambytes;
int paramoffset;
int setupcount;
int subcode;
char *name;
byteparms += 2;
/*
* Print the lengths before we (potentially) bail out
* due to lack of data (so the user knows why we did).
*/
}
/* Get length and location of params and setup data. */
/* CALL */
if (wordcount < 14)
return;
} else {
/* REPLY */
if (wordcount < 10)
return;
}
if (setupcount > 0)
else
/* The parameters are offset from the SMB header. */
/* This is a CALL. */
/* print the word parameters */
/* skip Reserved2 */
/* That finishes the VWV, now the misc. stuff. */
}
/* This is a CALL. Do sub-function. */
switch (subcode) {
case TRANS2_OPEN:
name = "Open";
goto name_only;
case TRANS2_FIND_FIRST:
break;
case TRANS2_FIND_NEXT2:
break;
name = "QueryFSInfo";
goto name_only;
break;
name = "SetPathInfo";
goto name_only;
break;
break;
case TRANS2_CREATE_DIRECTORY:
name = "CreateDir";
goto name_only;
default:
name = "Unknown";
/* fall through */
break;
}
}
/* This is a REPLY. */
/* print the word parameters */
/* skip Reserved */
}
}
static void
{
int slength;
int i;
int printit;
int wordcount;
char *outstr;
char *prfmt;
char *format;
char valuetype;
char word[10];
char *label;
char tempstring[256];
char buff[80];
else
return;
for (i = 0; i < wordcount; i++) {
comdata += 2;
}
}
return;
}
while (valuetype != '\0') {
break;
else
switch (valuetype) {
case 'W':
case 'w':
if (printit)
comdata += 2;
break;
case 'D':
case 'd':
if (printit)
comdata += 2;
break;
case 'L':
case 'l':
if (printit)
comdata += 4;
break;
case 'B':
case 'b':
if (printit)
comdata += 1;
break;
case 'r':
comdata++;
break;
case 'R':
comdata += 2;
break;
case 'U':
case 'u':
if (printit)
break;
case 'S':
case 's':
if (printit)
break;
}
}
}