Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] Parsing SMB Packet

From: "Sake Blok" <sake@xxxxxxxxxx>
Date: Wed, 24 Dec 2008 10:41:18 +0100
Hi Mahendran,
 
I can reproduce your issue when I disable "Allow subdissector to reassemble TCP streams". When I have that setting enabled, packet 47,51 and 55 show up fine.
 
Can you check that setting in the TCP protocol preferences and enable it if it was disabled (as I would expect, based on your findings).
 
Cheers,
     Sake
----- Original Message -----
From: Mahendran
Sent: Tuesday, December 23, 2008 7:51 PM
Subject: [Wireshark-dev] Parsing SMB Packet

Hi,

I am using Wire Shark 1.0.5.

I am trying to capture the SMB packets using Wire Shark. It parses the SMB Request correctly but unable to parse the SBM Response that is sent from our device. The content are shown under "Continuation Data". If it parses properly that will help me in analyzing the packets. Could you please help me?

I have attached the capture for your analysis. Look at the packet no 47, 51 and 55.

Best Regards,
Mahendran


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe