A network capture (wireshark, netmon, snoop -o) when using CMD.EXE
would be useful. If you run wireshark or netmon on the same Windows
7 client, it should give us what we need.
You can get the IP addresses using dtrace while the service is running
(dtrace script below). To capture to a file, use whichever one of the
following forms you prefer.
./share.d -p `pgrep smbd` > /var/tmp/share.out
./share.d -p `pgrep smbd` | tee /var/tmp/share.out
Alan
--
#!/usr/sbin/dtrace -s
/*
* Usage: ./share.d -p `pgrep smbd`
*
* Example output:
*
* :BEGIN SMB Share Trace Started
*
* smb...-start NT Authority/anonymous: \\HOST\IPC$: 0x0a90a8c0
* smb...-start DOMAIN/administrator: \\HOST\ADMINISTRATOR: 0x0a90a8c0
*
* IP address 0xcf6a010a would be decoded as: 192.168.90.10
* 0a -> 10
* 5a -> 90
* a8 -> 168
* c0 -> 192
*/
BEGIN
{
printf("SMB Share Trace Started\n");
}
END
{
printf("SMB Share Trace Ended\n");
}
sdt:smbsrv::-smb_op-TreeConnectX-start
{
sr = (struct smb_request *)arg0;
tcon = (struct tcon *)arg1;
printf("%s/%s: %s: 0x%08x %s",
stringof(sr->uid_user->u_domain),
stringof(sr->uid_user->u_name),
stringof(tcon->path),
sr->session->ipaddr.au_addr.au_ipv4,
(sr->session->s_local_port == 139) ?
stringof(sr->session->workstation) : "");
}
_______________________________________________
cifs-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
