Wireshark
the world's foremost network protocol analyzer
Display Filter Reference: SMB2 (Server Message Block Protocol version 2)
Protocol field name: smb2
Versions: 1.0.0 to 1.6.5
Back to Display Filter Reference
| Field name | Type | Description | Versions |
|---|---|---|---|
| smb2.acct | Character string | Account | 1.0.0 to 1.6.5 |
| smb2.aid | Unsigned integer, 8 bytes | Async Id | 1.0.0 to 1.6.5 |
| smb2.allocation_size | Unsigned integer, 8 bytes | Allocation Size | 1.0.0 to 1.6.5 |
| smb2.auth_frame | Unsigned integer, 4 bytes | Authenticated in Frame | 1.0.0 to 1.6.5 |
| smb2.birth_object_id | Globally Unique Identifier | BirthObjectId | 1.0.0 to 1.6.5 |
| smb2.birth_volume_id | Globally Unique Identifier | BirthVolumeId | 1.0.0 to 1.6.5 |
| smb2.boot_time | Date and time | Boot Time | 1.0.0 to 1.6.5 |
| smb2.buffer_code.dynamic | Boolean | Dynamic Part | 1.0.0 to 1.6.5 |
| smb2.buffer_code.length | Unsigned integer, 2 bytes | Length | 1.0.0 to 1.6.5 |
| smb2.capabilities | Unsigned integer, 4 bytes | Capabilities | 1.0.0 to 1.6.5 |
| smb2.capabilities.dfs | Boolean | DFS | 1.0.0 to 1.6.5 |
| smb2.capabilities.large_mtu | Boolean | LARGE MTU | 1.6.0 to 1.6.5 |
| smb2.capabilities.leasing | Boolean | LEASING | 1.6.0 to 1.6.5 |
| smb2.chain_offset | Unsigned integer, 4 bytes | Chain Offset | 1.0.0 to 1.6.5 |
| smb2.channel | Unsigned integer, 4 bytes | Channel | 1.0.0 to 1.6.5 |
| smb2.channel_info_length | Unsigned integer, 2 bytes | Channel Info Length | 1.2.0 to 1.6.5 |
| smb2.channel_info_offset | Unsigned integer, 2 bytes | Channel Info Offset | 1.2.0 to 1.6.5 |
| smb2.class | Unsigned integer, 1 byte | Class | 1.0.0 to 1.6.5 |
| smb2.client_guid | Globally Unique Identifier | Client Guid | 1.0.0 to 1.6.5 |
| smb2.close.flags | Unsigned integer, 2 bytes | Close Flags | 1.0.0 to 1.6.5 |
| smb2.close.pq_attrib | Boolean | PostQuery Attrib | 1.2.0 to 1.6.5 |
| smb2.cmd | Unsigned integer, 2 bytes | Command | 1.0.0 to 1.6.5 |
| smb2.compression_format | Unsigned integer, 2 bytes | Compression Format | 1.0.0 to 1.6.5 |
| smb2.create.action | Unsigned integer, 4 bytes | Create Action | 1.0.0 to 1.6.5 |
| smb2.create.chain_data | Label | Data | 1.0.0 to 1.6.5 |
| smb2.create.chain_offset | Unsigned integer, 4 bytes | Chain Offset | 1.0.0 to 1.6.5 |
| smb2.create.data_length | Unsigned integer, 4 bytes | Data Length | 1.0.0 to 1.6.5 |
| smb2.create.disposition | Unsigned integer, 4 bytes | Disposition | 1.0.0 to 1.6.5 |
| smb2.create.extrainfo | Label | ExtraInfo | 1.0.0 to 1.6.5 |
| smb2.create.oplock | Unsigned integer, 1 byte | Oplock | 1.0.0 to 1.6.5 |
| smb2.create.time | Date and time | Create | 1.0.0 to 1.6.5 |
| smb2.create_flags | Unsigned integer, 8 bytes | Create Flags | 1.0.0 to 1.6.5 |
| smb2.credit.charge | Unsigned integer, 2 bytes | Credit Charge | 1.6.0 to 1.6.5 |
| smb2.credits.granted | Unsigned integer, 2 bytes | Credits granted | 1.0.0 to 1.6.5 |
| smb2.credits.requested | Unsigned integer, 2 bytes | Credits requested | 1.0.0 to 1.6.5 |
| smb2.current_time | Date and time | Current Time | 1.0.0 to 1.6.5 |
| smb2.data_offset | Unsigned integer, 2 bytes | Data Offset | 1.0.0 to 1.6.5 |
| smb2.delete_pending | Unsigned integer, 1 byte | Delete Pending | 1.0.0 to 1.6.5 |
| smb2.dialect | Unsigned integer, 2 bytes | Dialect | 1.0.0 to 1.6.5 |
| smb2.dialect_count | Unsigned integer, 2 bytes | Dialect count | 1.0.0 to 1.6.5 |
| smb2.disposition.delete_on_close | Boolean | Delete on close | 1.0.0 to 1.6.5 |
| smb2.domain | Character string | Domain | 1.0.0 to 1.6.5 |
| smb2.domain_id | Globally Unique Identifier | DomainId | 1.0.0 to 1.6.5 |
| smb2.ea.data | Character string | EA Data | 1.0.0 to 1.6.5 |
| smb2.ea.data_len | Unsigned integer, 1 byte | EA Data Length | 1.0.0 to 1.6.5 |
| smb2.ea.flags | Unsigned integer, 1 byte | EA Flags | 1.0.0 to 1.6.5 |
| smb2.ea.name | Character string | EA Name | 1.0.0 to 1.6.5 |
| smb2.ea.name_len | Unsigned integer, 1 byte | EA Name Length | 1.0.0 to 1.6.5 |
| smb2.ea_size | Unsigned integer, 4 bytes | EA Size | 1.0.0 to 1.6.5 |
| smb2.eof | Unsigned integer, 8 bytes | End Of File | 1.0.0 to 1.6.5 |
| smb2.epoch | Unsigned integer, 2 bytes | Epoch | 1.0.0 to 1.4.11 |
| smb2.error.byte_count | Unsigned integer, 4 bytes | Byte Count | 1.2.1 to 1.6.5 |
| smb2.error.data | Sequence of bytes | Error Data | 1.2.1 to 1.6.5 |
| smb2.error.reserved | Unsigned integer, 2 bytes | Reserved | 1.2.1 to 1.6.5 |
| smb2.fid | Globally Unique Identifier | File Id | 1.0.0 to 1.6.5 |
| smb2.file_id | Unsigned integer, 8 bytes | File Id | 1.0.0 to 1.6.5 |
| smb2.file_index | Unsigned integer, 4 bytes | File Index | 1.2.0 to 1.6.5 |
| smb2.file_info.infolevel | Unsigned integer, 1 byte | InfoLevel | 1.0.0 to 1.6.5 |
| smb2.FILE_OBJECTID_BUFFER | Label | FILE_OBJECTID_BUFFER | 1.0.0 to 1.6.5 |
| smb2.file_offset | Unsigned integer, 8 bytes | File Offset | 1.2.0 to 1.6.5 |
| smb2.filename | Character string | Filename | 1.0.0 to 1.6.5 |
| smb2.filename.len | Unsigned integer, 4 bytes | Filename Length | 1.0.0 to 1.6.5 |
| smb2.find.both_directory_info | Label | FileBothDirectoryInfo | 1.2.0 to 1.6.5 |
| smb2.find.continue_flags | Unsigned integer, 4 bytes | Continue Flags | 1.0.0 to 1.0.16 |
| smb2.find.file_directory_info | Label | FileDirectoryInfo | 1.2.0 to 1.6.5 |
| smb2.find.flags | Unsigned integer, 1 byte | Find Flags | 1.2.0 to 1.6.5 |
| smb2.find.full_directory_info | Label | FullDirectoryInfo | 1.2.0 to 1.6.5 |
| smb2.find.id_both_directory_info | Label | FileIdBothDirectoryInfo | 1.2.0 to 1.6.5 |
| smb2.find.index_specified | Boolean | Index Specified | 1.2.0 to 1.6.5 |
| smb2.find.infolevel | Unsigned integer, 4 bytes | Info Level | 1.0.0 to 1.6.5 |
| smb2.find.name_info | Label | FileNameInfo | 1.2.0 to 1.6.5 |
| smb2.find.pattern | Character string | Search Pattern | 1.0.0 to 1.6.5 |
| smb2.find.reopen | Boolean | Reopen | 1.2.0 to 1.6.5 |
| smb2.find.restart_scans | Boolean | Restart Scans | 1.2.0 to 1.6.5 |
| smb2.find.single_entry | Boolean | Single Entry | 1.2.0 to 1.6.5 |
| smb2.flags.async | Boolean | Async command | 1.0.0 to 1.6.5 |
| smb2.flags.chained | Boolean | Chained | 1.0.0 to 1.6.5 |
| smb2.flags.dfs | Boolean | DFS operation | 1.0.0 to 1.6.5 |
| smb2.flags.response | Boolean | Response | 1.0.0 to 1.6.5 |
| smb2.flags.signature | Boolean | Signing | 1.0.0 to 1.6.5 |
| smb2.fs_info.infolevel | Unsigned integer, 1 byte | InfoLevel | 1.0.0 to 1.6.5 |
| smb2.header_len | Unsigned integer, 2 bytes | Header Length | 1.0.0 to 1.6.5 |
| smb2.hf_smb2_dhnq_buffer_reserved | Unsigned integer, 8 bytes | Reserved | 1.6.0 to 1.6.5 |
| smb2.host | Character string | Host | 1.0.0 to 1.6.5 |
| smb2.impersonation.level | Unsigned integer, 4 bytes | Impersonation | 1.0.0 to 1.6.5 |
| smb2.infolevel | Unsigned integer, 1 byte | InfoLevel | 1.0.0 to 1.6.5 |
| smb2.ioctl.flags | Unsigned integer, 4 bytes | Flags | 1.2.0 to 1.6.5 |
| smb2.ioctl.function | Unsigned integer, 4 bytes | Function | 1.0.0 to 1.6.5 |
| smb2.ioctl.function.access | Unsigned integer, 4 bytes | Access | 1.0.0 to 1.6.5 |
| smb2.ioctl.function.device | Unsigned integer, 4 bytes | Device | 1.0.0 to 1.6.5 |
| smb2.ioctl.function.function | Unsigned integer, 4 bytes | Function | 1.0.0 to 1.6.5 |
| smb2.ioctl.function.method | Unsigned integer, 4 bytes | Method | 1.0.0 to 1.6.5 |
| smb2.ioctl.in | Label | In Data | 1.0.0 to 1.6.5 |
| smb2.ioctl.is_fsctl | Boolean | Is FSCTL | 1.2.0 to 1.6.5 |
| smb2.ioctl.out | Label | Out Data | 1.0.0 to 1.6.5 |
| smb2.ioctl.shadow_copy.count | Unsigned integer, 4 bytes | Count | 1.0.0 to 1.6.5 |
| smb2.ioctl.shadow_copy.label | Character string | Label | 1.0.0 to 1.6.5 |
| smb2.ioctl.shadow_copy.num_labels | Unsigned integer, 4 bytes | Num Labels | 1.0.0 to 1.6.5 |
| smb2.ioctl.shadow_copy.num_volumes | Unsigned integer, 4 bytes | Num Volumes | 1.0.0 to 1.6.5 |
| smb2.is_directory | Unsigned integer, 1 byte | Is Directory | 1.0.0 to 1.6.5 |
| smb2.last_access.time | Date and time | Last Access | 1.0.0 to 1.6.5 |
| smb2.last_change.time | Date and time | Last Change | 1.0.0 to 1.6.5 |
| smb2.last_write.time | Date and time | Last Write | 1.0.0 to 1.6.5 |
| smb2.lock_count | Unsigned integer, 2 bytes | Lock Count | 1.2.0 to 1.6.5 |
| smb2.lock_flags | Unsigned integer, 4 bytes | Flags | 1.2.0 to 1.6.5 |
| smb2.lock_flags.exclusive | Boolean | Exclusive | 1.2.0 to 1.6.5 |
| smb2.lock_flags.fail_immediately | Boolean | Fail Immediately | 1.2.0 to 1.6.5 |
| smb2.lock_flags.shared | Boolean | Shared | 1.2.0 to 1.6.5 |
| smb2.lock_flags.unlock | Boolean | Unlock | 1.2.0 to 1.6.5 |
| smb2.lock_info | Label | Lock Info | 1.2.0 to 1.6.5 |
| smb2.lock_length | Unsigned integer, 8 bytes | Length | 1.2.0 to 1.6.5 |
| smb2.max_ioctl_in_size | Unsigned integer, 4 bytes | Max Ioctl In Size | 1.2.0 to 1.6.5 |
| smb2.max_ioctl_out_size | Unsigned integer, 4 bytes | Max Ioctl Out Size | 1.0.0 to 1.6.5 |
| smb2.max_read_size | Unsigned integer, 4 bytes | Max Read Size | 1.0.0 to 1.6.5 |
| smb2.max_response_size | Unsigned integer, 4 bytes | Max Response Size | 1.0.0 to 1.6.5 |
| smb2.max_trans_size | Unsigned integer, 4 bytes | Max Transaction Size | 1.0.0 to 1.6.5 |
| smb2.max_write_size | Unsigned integer, 4 bytes | Max Write Size | 1.0.0 to 1.6.5 |
| smb2.min_count | Unsigned integer, 4 bytes | Min Count | 1.2.0 to 1.6.5 |
| smb2.mxac_status | Unsigned integer, 4 bytes | Query Status | 1.6.0 to 1.6.5 |
| smb2.mxac_timestamp | Date and time | Timestamp | 1.6.0 to 1.6.5 |
| smb2.next_offset | Unsigned integer, 4 bytes | Next Offset | 1.0.0 to 1.6.5 |
| smb2.nlinks | Unsigned integer, 4 bytes | Number of Links | 1.0.0 to 1.6.5 |
| smb2.notify.flags | Unsigned integer, 2 bytes | Notify Flags | 1.2.0 to 1.6.5 |
| smb2.notify.out | Label | Out Data | 1.2.0 to 1.6.5 |
| smb2.notify.watch_tree | Boolean | Watch Tree | 1.2.0 to 1.6.5 |
| smb2.nt_status | Unsigned integer, 4 bytes | NT Status | 1.0.0 to 1.6.5 |
| smb2.num_vc | Unsigned integer, 1 byte | VC Num | 1.0.0 to 1.6.5 |
| smb2.object_id | Globally Unique Identifier | ObjectId | 1.0.0 to 1.6.5 |
| smb2.olb.length | Unsigned integer, 4 bytes | Length | 1.0.0 to 1.6.5 |
| smb2.olb.offset | Unsigned integer, 4 bytes | Offset | 1.0.0 to 1.6.5 |
| smb2.output_buffer_len | Unsigned integer, 2 bytes | Output Buffer Length | 1.2.0 to 1.6.5 |
| smb2.pid | Unsigned integer, 4 bytes | Process Id | 1.0.0 to 1.6.5 |
| smb2.previous_sesid | Unsigned integer, 8 bytes | Previous Session Id | 1.0.0 to 1.6.5 |
| smb2.qfid_fid | Sequence of bytes | Opaque File ID | 1.6.0 to 1.6.5 |
| smb2.read_data | Sequence of bytes | Read Data | 1.0.0 to 1.6.5 |
| smb2.read_length | Unsigned integer, 4 bytes | Read Length | 1.0.0 to 1.6.5 |
| smb2.read_offset | Unsigned integer, 8 bytes | Read Offset | 1.0.0 to 1.0.16 |
| smb2.read_remaining | Unsigned integer, 4 bytes | Read Remaining | 1.2.0 to 1.6.5 |
| smb2.remaining_bytes | Unsigned integer, 4 bytes | Remaining Bytes | 1.2.0 to 1.6.5 |
| smb2.required_size | Unsigned integer, 4 bytes | Required Buffer Size | 1.0.0 to 1.6.5 |
| smb2.reserved | Sequence of bytes | Reserved | 1.6.0 to 1.6.5 |
| smb2.response_buffer_offset | Unsigned integer, 2 bytes | Response Buffer Offset | 1.0.0 to 1.6.5 |
| smb2.response_in | Frame number | Response in | 1.0.0 to 1.6.5 |
| smb2.response_size | Unsigned integer, 4 bytes | Response Size | 1.0.0 to 1.6.5 |
| smb2.response_to | Frame number | Response to | 1.0.0 to 1.6.5 |
| smb2.sec_info.infolevel | Unsigned integer, 1 byte | InfoLevel | 1.0.0 to 1.6.5 |
| smb2.sec_mode | Unsigned integer, 1 byte | Security mode | 1.0.0 to 1.6.5 |
| smb2.sec_mode.sign_enabled | Boolean | Signing enabled | 1.0.0 to 1.6.5 |
| smb2.sec_mode.sign_required | Boolean | Signing required | 1.0.0 to 1.6.5 |
| smb2.security_blob | Sequence of bytes | Info | 1.0.0 to 1.6.5 |
| smb2.security_blob_len | Unsigned integer, 2 bytes | Security Blob Length | 1.0.0 to 1.6.5 |
| smb2.security_blob_offset | Unsigned integer, 2 bytes | Security Blob Offset | 1.0.0 to 1.6.5 |
| smb2.seq_num | Signed integer, 8 bytes | Command Sequence Number | 1.0.0 to 1.6.5 |
| smb2.server_guid | Globally Unique Identifier | Server Guid | 1.0.0 to 1.6.5 |
| smb2.ses_flags.guest | Boolean | Guest | 1.0.0 to 1.6.5 |
| smb2.ses_flags.null | Boolean | Null | 1.0.0 to 1.6.5 |
| smb2.sesid | Unsigned integer, 8 bytes | Session Id | 1.0.0 to 1.6.5 |
| smb2.session_flags | Unsigned integer, 2 bytes | Session Flags | 1.0.0 to 1.6.5 |
| smb2.setinfo_offset | Unsigned integer, 2 bytes | Setinfo Offset | 1.0.0 to 1.6.5 |
| smb2.setinfo_size | Unsigned integer, 4 bytes | Setinfo Size | 1.0.0 to 1.6.5 |
| smb2.share.caching | Unsigned integer, 4 bytes | Caching policy | 1.0.0 to 1.6.5 |
| smb2.share_caps | Unsigned integer, 4 bytes | Share Capabilities | 1.0.0 to 1.6.5 |
| smb2.share_caps.dfs | Boolean | DFS | 1.0.0 to 1.6.5 |
| smb2.share_flags | Unsigned integer, 4 bytes | Share flags | 1.0.0 to 1.6.5 |
| smb2.share_flags.access_based_dir_enum | Boolean | Access based directory enum | 1.0.0 to 1.6.5 |
| smb2.share_flags.allow_namespace_caching | Boolean | Allow namepsace caching | 1.0.0 to 1.6.5 |
| smb2.share_flags.dfs | Boolean | DFS | 1.0.0 to 1.6.5 |
| smb2.share_flags.dfs_root | Boolean | DFS root | 1.0.0 to 1.6.5 |
| smb2.share_flags.enable_hash | Boolean | Enable hash | 1.6.0 to 1.6.5 |
| smb2.share_flags.force_levelii_oplock | Boolean | Force level II oplock | 1.6.0 to 1.6.5 |
| smb2.share_flags.force_shared_delete | Boolean | Force shared delete | 1.0.0 to 1.6.5 |
| smb2.share_flags.restrict_exclusive_opens | Boolean | Restrict exclusive opens | 1.0.0 to 1.6.5 |
| smb2.share_type | Unsigned integer, 1 byte | Share Type | 1.0.0 to 1.6.5 |
| smb2.short_name_len | Unsigned integer, 1 byte | Short Name Length | 1.2.0 to 1.6.5 |
| smb2.shortname | Character string | Short Name | 1.2.0 to 1.6.5 |
| smb2.signature | Sequence of bytes | Signature | 1.0.0 to 1.6.5 |
| smb2.smb2_file_access_info | Label | SMB2_FILE_ACCESS_INFO | 1.0.0 to 1.6.5 |
| smb2.smb2_file_alignment_info | Label | SMB2_FILE_ALIGNMENT_INFO | 1.0.0 to 1.6.5 |
| smb2.smb2_file_all_info | Label | SMB2_FILE_ALL_INFO | 1.0.0 to 1.6.5 |
| smb2.smb2_file_allocation_info | Label | SMB2_FILE_ALLOCATION_INFO | 1.0.0 to 1.6.5 |
| smb2.smb2_file_alternate_name_info | Label | SMB2_FILE_ALTERNATE_NAME_INFO | 1.0.0 to 1.6.5 |
| smb2.smb2_file_attribute_tag_info | Label | SMB2_FILE_ATTRIBUTE_TAG_INFO | 1.0.0 to 1.6.5 |
| smb2.smb2_file_basic_info | Label | SMB2_FILE_BASIC_INFO | 1.0.0 to 1.6.5 |
| smb2.smb2_file_compression_info | Label | SMB2_FILE_COMPRESSION_INFO | 1.0.0 to 1.6.5 |
| smb2.smb2_file_disposition_info | Label | SMB2_FILE_DISPOSITION_INFO | 1.0.0 to 1.6.5 |
| smb2.smb2_file_ea_info | Label | SMB2_FILE_EA_INFO | 1.0.0 to 1.6.5 |
| smb2.smb2_file_endoffile_info | Label | SMB2_FILE_ENDOFFILE_INFO | 1.0.0 to 1.6.5 |
| smb2.smb2_file_info_0f | Label | SMB2_FILE_INFO_0f | 1.0.0 to 1.6.5 |
| smb2.smb2_file_internal_info | Label | SMB2_FILE_INTERNAL_INFO | 1.0.0 to 1.6.5 |
| smb2.smb2_file_mode_info | Label | SMB2_FILE_MODE_INFO | 1.0.0 to 1.6.5 |
| smb2.smb2_file_network_open_info | Label | SMB2_FILE_NETWORK_OPEN_INFO | 1.0.0 to 1.6.5 |
| smb2.smb2_file_pipe_info | Label | SMB2_FILE_PIPE_INFO | 1.0.0 to 1.6.5 |
| smb2.smb2_file_position_info | Label | SMB2_FILE_POSITION_INFO | 1.0.0 to 1.6.5 |
| smb2.smb2_file_rename_info | Label | SMB2_FILE_RENAME_INFO | 1.0.0 to 1.6.5 |
| smb2.smb2_file_standard_info | Label | SMB2_FILE_STANDARD_INFO | 1.0.0 to 1.6.5 |
| smb2.smb2_file_stream_info | Label | SMB2_FILE_STREAM_INFO | 1.0.0 to 1.6.5 |
| smb2.smb2_fs_info_01 | Label | SMB2_FS_INFO_01 | 1.0.0 to 1.6.5 |
| smb2.smb2_fs_info_03 | Label | SMB2_FS_INFO_03 | 1.0.0 to 1.6.5 |
| smb2.smb2_fs_info_04 | Label | SMB2_FS_INFO_04 | 1.0.0 to 1.6.5 |
| smb2.smb2_fs_info_05 | Label | SMB2_FS_INFO_05 | 1.0.0 to 1.6.5 |
| smb2.smb2_fs_info_06 | Label | SMB2_FS_INFO_06 | 1.0.0 to 1.6.5 |
| smb2.smb2_fs_info_07 | Label | SMB2_FS_INFO_07 | 1.0.0 to 1.6.5 |
| smb2.smb2_fs_objectid_info | Label | SMB2_FS_OBJECTID_INFO | 1.0.0 to 1.6.5 |
| smb2.smb2_sec_info_00 | Label | SMB2_SEC_INFO_00 | 1.0.0 to 1.6.5 |
| smb2.tag | Character string | Tag | 1.0.0 to 1.6.5 |
| smb2.tcon_frame | Unsigned integer, 4 bytes | Connected in Frame | 1.0.0 to 1.6.5 |
| smb2.tid | Unsigned integer, 4 bytes | Tree Id | 1.0.0 to 1.6.5 |
| smb2.time | Time offset | Time from request | 1.0.0 to 1.6.5 |
| smb2.tree | Character string | Tree | 1.0.0 to 1.6.5 |
| smb2.twrp_timestamp | Date and time | Timestamp | 1.6.0 to 1.6.5 |
| smb2.unknown | Sequence of bytes | unknown | 1.0.0 to 1.6.5 |
| smb2.unknown.timestamp | Date and time | Timestamp | 1.0.0 to 1.4.11 |
| smb2.write.count | Unsigned integer, 4 bytes | Write Count | 1.6.0 to 1.6.5 |
| smb2.write.flags | Unsigned integer, 4 bytes | Write Flags | 1.6.0 to 1.6.5 |
| smb2.write.flags.write_through | Boolean | Write through | 1.6.0 to 1.6.5 |
| smb2.write.remaining | Unsigned integer, 4 bytes | Write Remaining | 1.6.0 to 1.6.5 |
| smb2.write_data | Sequence of bytes | Write Data | 1.0.0 to 1.6.5 |
| smb2.write_length | Unsigned integer, 4 bytes | Write Length | 1.0.0 to 1.6.5 |
| smb2.write_offset | Unsigned integer, 8 bytes | Write Offset | 1.0.0 to 1.0.16 |