diff options
| author | Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> | 2003-03-25 09:41:42 +0000 |
|---|---|---|
| committer | Ronnie Sahlberg <ronnie_sahlberg@ozemail.com.au> | 2003-03-25 09:41:42 +0000 |
| commit | cec5c81ac3a5590cabdc28cf4d4e343ee9a8b33d (patch) | |
| tree | aafa8f25a9cde7e8e34b53bd4893ac4b8ac13c79 /smb.h | |
| parent | 2fecf91a175d91f3c2d0a202cb0acd9a94068b40 (diff) | |
Added SMB option : sid_name_snooping.
This feature, when enabled through Edit/preferences/protocols/smb,
will look at certain SMB and CIFS related protocols to discover the
mapping between SIDs and their Names.
For those SIDs whose name has been snooped/discovered ethereal will
also add "(<name>)" to the end of the SID when printed in the tree pane
through the function dissect_nt_sid().
Currently the feature is not too exciting since the only thing that packet-smb-sidsnooping.c will look at to build this mapping table is
replies to the LSA/QueryInfoPolicy infolevel 3 packets and thus
discover mappings between a Domain SID and a Domain Name.
In the near future this future will be enhanced to also look at more interesting calls such as LSA/LookupSIDs2 and similar.
svn path=/trunk/; revision=7362
Diffstat (limited to 'smb.h')
| -rw-r--r-- | smb.h | 4 |
1 files changed, 3 insertions, 1 deletions
@@ -2,7 +2,7 @@ * Defines for smb packet dissection * Copyright 1999, Richard Sharpe <rsharpe@ns.aus.com> * - * $Id: smb.h,v 1.49 2003/02/25 02:00:33 tpot Exp $ + * $Id: smb.h,v 1.50 2003/03/25 09:41:42 sahlberg Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@ethereal.com> @@ -26,6 +26,8 @@ #ifndef _SMB_H #define _SMB_H +extern gboolean sid_name_snooping; + /* SMB command codes, from the SNIA CIFS spec. */ extern const value_string smb_cmd_vals[]; extern const value_string trans2_cmd_vals[]; |