From aaf83174881865f30ab4b27c466f7cfe57184c9a Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Mon, 18 Aug 2003 17:58:01 +0000 Subject: Add log2pcap manpage (This used to be commit a5107b8088e306bfe89a141fd70a20faa54e9f6d) --- docs/manpages/log2pcap.1 | 113 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 113 insertions(+) create mode 100644 docs/manpages/log2pcap.1 (limited to 'docs') diff --git a/docs/manpages/log2pcap.1 b/docs/manpages/log2pcap.1 new file mode 100644 index 0000000000..b2a2e53606 --- /dev/null +++ b/docs/manpages/log2pcap.1 @@ -0,0 +1,113 @@ +.\"Generated by db2man.xsl. Don't modify this, modify the source. +.de Sh \" Subsection +.br +.if t .Sp +.ne 5 +.PP +\fB\\$1\fR +.PP +.. +.de Sp \" Vertical space (when we can't use .PP) +.if t .sp .5v +.if n .sp +.. +.de Ip \" List item +.br +.ie \\n(.$>=3 .ne \\$3 +.el .ne 3 +.IP "\\$1" \\$2 +.. +.TH "LOG2PCAP" 1 "" "" "" +.SH NAME +log2pcap \- Extract network traces from Samba log files +.SH "SYNOPSIS" +.ad l +.hy 0 +.HP 9 +\fBlog2pcap\fR [\-h] [logfile] [pcap_file] +.ad +.hy + +.SH "DESCRIPTION" + +.PP +This tool is part of the \fBSamba\fR(7) suite\&. + +.PP +\fBlog2pcap\fR reads in a samba log file and generates a pcap file (readable by most sniffers, such as ethereal or tcpdump) based on the packet dumps in the log file\&. + +.PP +The log file must have a \fIlog level\fR of at least \fB5\fR to get the SMB header/parameters right, \fB10\fR to get the first 512 data bytes of the packet and \fB50\fR to get the whole packet\&. + +.SH "OPTIONS" + +.TP +\-h +If this parameter is specified the output file will be a hex dump, in a format that is readable by the text2pcap utility\&. + + +.TP +logfile +Samba log file\&. log2pcap will try to read the log from stdin if the log file is not specified\&. + + +.TP +pcap_file +Name of the output file to write the pcap (or hexdump) data to\&. If this argument is not specified, output data will be written to stdout\&. + + +.TP +\-h|\-\-help +Print a summary of command line options\&. + + +.SH "EXAMPLES" + +.PP +Extract all network traffic from all samba log files: + +.PP + +.nf + + $ cat /var/log/* | log2pcap > trace\&.pcap + .fi + + +.PP +Convert to pcap using text2pcap: + +.PP + +.nf + + $ log2pcap \-h samba\&.log | text2pcap \-T 139,139 \- trace\&.pcap + .fi + + +.SH "VERSION" + +.PP +This man page is correct for version 3\&.0 of the Samba suite\&. + +.SH "BUGS" + +.PP +Only SMB data is extracted from the samba logs, no LDAP, NetBIOS lookup or other data\&. + +.PP +The generated TCP and IP headers don't contain a valid checksum\&. + +.SH "SEE ALSO" + +.PP +\fBtext2pcap\fR(1), \fBethereal\fR(1) + +.SH "AUTHOR" + +.PP +The original Samba software and related utilities were created by Andrew Tridgell\&. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed\&. + +.PP +This manpage was written by Jelmer Vernooij\&. + -- cgit