diff options
Diffstat (limited to 'docs/manpages/log2pcap.1')
-rw-r--r-- | docs/manpages/log2pcap.1 | 116 |
1 files changed, 116 insertions, 0 deletions
diff --git a/docs/manpages/log2pcap.1 b/docs/manpages/log2pcap.1 new file mode 100644 index 0000000000..60df066260 --- /dev/null +++ b/docs/manpages/log2pcap.1 @@ -0,0 +1,116 @@ +.\"Generated by db2man.xsl. Don't modify this, modify the source. +.de Sh \" Subsection +.br +.if t .Sp +.ne 5 +.PP +\fB\\$1\fR +.PP +.. +.de Sp \" Vertical space (when we can't use .PP) +.if t .sp .5v +.if n .sp +.. +.de Ip \" List item +.br +.ie \\n(.$>=3 .ne \\$3 +.el .ne 3 +.IP "\\$1" \\$2 +.. +.TH "LOG2PCAP" 1 "" "" "" +.SH NAME +log2pcap \- Extract network traces from Samba log files +.SH "SYNOPSIS" + +.nf +\fBlog2pcap\fR [-h] [-q] [logfile] [pcap_file] +.fi + +.SH "DESCRIPTION" + +.PP +This tool is part of the \fBSamba\fR(7) suite\&. + +.PP +\fBlog2pcap\fR reads in a samba log file and generates a pcap file (readable by most sniffers, such as ethereal or tcpdump) based on the packet dumps in the log file\&. + +.PP +The log file must have a \fIlog level\fR of at least \fB5\fR to get the SMB header/parameters right, \fB10\fR to get the first 512 data bytes of the packet and \fB50\fR to get the whole packet\&. + +.SH "OPTIONS" + +.TP +-h +If this parameter is specified the output file will be a hex dump, in a format that is readable by the text2pcap utility\&. + + +.TP +-q +Be quiet\&. No warning messages about missing or incomplete data will be given\&. + + +.TP +logfile +Samba log file\&. log2pcap will try to read the log from stdin if the log file is not specified\&. + + +.TP +pcap_file +Name of the output file to write the pcap (or hexdump) data to\&. If this argument is not specified, output data will be written to stdout\&. + + +.TP +-h|--help +Print a summary of command line options\&. + + +.SH "EXAMPLES" + +.PP +Extract all network traffic from all samba log files: + +.PP + +.nf + + $ cat /var/log/* | log2pcap > trace\&.pcap + .fi + + +.PP +Convert to pcap using text2pcap: + +.PP + +.nf + + $ log2pcap -h samba\&.log | text2pcap -T 139,139 - trace\&.pcap + .fi + + +.SH "VERSION" + +.PP +This man page is correct for version 3\&.0 of the Samba suite\&. + +.SH "BUGS" + +.PP +Only SMB data is extracted from the samba logs, no LDAP, NetBIOS lookup or other data\&. + +.PP +The generated TCP and IP headers don't contain a valid checksum\&. + +.SH "SEE ALSO" + +.PP +\fBtext2pcap\fR(1), \fBethereal\fR(1) + +.SH "AUTHOR" + +.PP +The original Samba software and related utilities were created by Andrew Tridgell\&. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed\&. + +.PP +This manpage was written by Jelmer Vernooij\&. + |