The Samba-Bugzilla – Attachment 1544 Details for
Bug 2421
Quickbooks file sharing oplock problem in 3.0.11 and 3.0.12pre2-SVN-build-5654
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
tethereal - Win2k with oplocks
quickbooks-win2000-oplocks.txt (text/plain), 34.45 KB, created by
Kevin Shanahan (dead mail address)
on 2005-10-26 18:01:25 UTC
(
hide
)
Description:
tethereal - Win2k with oplocks
Filename:
MIME Type:
Creator:
Kevin Shanahan (dead mail address)
Created:
2005-10-26 18:01:25 UTC
Size:
34.45 KB
patch
obsolete
>Frame 9694 (252 bytes on wire, 252 bytes captured) > Arrival Time: Oct 26, 2005 11:10:35.419072000 > Time delta from previous packet: 0.001635000 seconds > Time since reference or first frame: 44.311261000 seconds > Frame Number: 9694 > Packet Length: 252 bytes > Capture Length: 252 bytes > Protocols in frame: eth:ip:tcp:nbss:smb >Ethernet II, Src: Ibm_5d:92:37 (00:11:25:5d:92:37), Dst: AsustekC_55:55:d0 (00:e0:18:55:55:d0) > Destination: AsustekC_55:55:d0 (00:e0:18:55:55:d0) > Source: Ibm_5d:92:37 (00:11:25:5d:92:37) > Type: IP (0x0800) >Internet Protocol, Src: 192.168.0.54 (192.168.0.54), Dst: 192.168.0.252 (192.168.0.252) > Version: 4 > Header length: 20 bytes > Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) > 0000 00.. = Differentiated Services Codepoint: Default (0x00) > .... ..0. = ECN-Capable Transport (ECT): 0 > .... ...0 = ECN-CE: 0 > Total Length: 238 > Identification: 0xae03 (44547) > Flags: 0x04 (Don't Fragment) > 0... = Reserved bit: Not set > .1.. = Don't fragment: Set > ..0. = More fragments: Not set > Fragment offset: 0 > Time to live: 128 > Protocol: TCP (0x06) > Header checksum: 0xc983 [correct] > Source: 192.168.0.54 (192.168.0.54) > Destination: 192.168.0.252 (192.168.0.252) >Transmission Control Protocol, Src Port: 1268 (1268), Dst Port: netbios-ssn (139), Seq: 17680, Ack: 10406, Len: 198 > Source port: 1268 (1268) > Destination port: netbios-ssn (139) > Sequence number: 17680 (relative sequence number) > Next sequence number: 17878 (relative sequence number) > Acknowledgement number: 10406 (relative ack number) > Header length: 20 bytes > Flags: 0x0018 (PSH, ACK) > 0... .... = Congestion Window Reduced (CWR): Not set > .0.. .... = ECN-Echo: Not set > ..0. .... = Urgent: Not set > ...1 .... = Acknowledgment: Set > .... 1... = Push: Set > .... .0.. = Reset: Not set > .... ..0. = Syn: Not set > .... ...0 = Fin: Not set > Window size: 65200 > Checksum: 0x8f64 [correct] > SEQ/ACK analysis > This is an ACK to the segment in frame: 9693 > The RTT to ACK the segment was: 0.001635000 seconds >NetBIOS Session Service > Message Type: Session message > Flags: 0x00 > .... ...0 = Add 0 to length > Length: 194 >SMB (Server Message Block Protocol) > SMB Header > Server Component: SMB > SMB Command: NT Create AndX (0xa2) > NT Status: STATUS_SUCCESS (0x00000000) > Flags: 0x18 > 0... .... = Request/Response: Message is a request to the server > .0.. .... = Notify: Notify client only on open > ..0. .... = Oplocks: OpLock not requested/granted > ...1 .... = Canonicalized Pathnames: Pathnames are canonicalized > .... 1... = Case Sensitivity: Path names are caseless > .... ..0. = Receive Buffer Posted: Receive buffer has not been posted > .... ...0 = Lock and Read: Lock&Read, Write&Unlock are not supported > Flags2: 0xc807 > 1... .... .... .... = Unicode Strings: Strings are Unicode > .1.. .... .... .... = Error Code Type: Error codes are NT error codes > ..0. .... .... .... = Execute-only Reads: Don't permit reads if execute-only > ...0 .... .... .... = Dfs: Don't resolve pathnames with Dfs > .... 1... .... .... = Extended Security Negotiation: Extended security negotiation is supported > .... .... .0.. .... = Long Names Used: Path names in request are not long file names > .... .... .... .1.. = Security Signatures: Security signatures are supported > .... .... .... ..1. = Extended Attributes: Extended attributes are supported > .... .... .... ...1 = Long Names Allowed: Long file names are allowed in the response > Process ID High: 0 > Signature: E1BFDCD80757ADF7 > Reserved: 0000 > Tree ID: 51204 > Process ID: 3696 > User ID: 51200 > Multiplex ID: 42690 > NT Create AndX Request (0xa2) > Word Count (WCT): 24 > AndXCommand: No further commands (0xff) > Reserved: 00 > AndXOffset: 57054 > Reserved: 00 > File Name Len: 108 > Create Flags: 0x00000016 > .... .... .... .... .... .... ...1 .... = Extended Response: Extended responses required > .... .... .... .... .... .... .... 0... = Create Directory: Target of open can be a file > .... .... .... .... .... .... .... .1.. = Batch Oplock: Requesting BATCH OPLOCK > .... .... .... .... .... .... .... ..1. = Exclusive Oplock: Requesting OPLOCK > Root FID: 0x00000000 > Access Mask: 0x00020189 > 0... .... .... .... .... .... .... .... = Generic Read: Generic read is NOT set > .0.. .... .... .... .... .... .... .... = Generic Write: Generic write is NOT set > ..0. .... .... .... .... .... .... .... = Generic Execute: Generic execute is NOT set > ...0 .... .... .... .... .... .... .... = Generic All: Generic all is NOT set > .... ..0. .... .... .... .... .... .... = Maximum Allowed: Maximum allowed is NOT set > .... ...0 .... .... .... .... .... .... = System Security: System security is NOT set > .... .... ...0 .... .... .... .... .... = Synchronize: Can NOT wait on handle to synchronize on completion of I/O > .... .... .... 0... .... .... .... .... = Write Owner: Can NOT write owner (take ownership) > .... .... .... .0.. .... .... .... .... = Write DAC: Owner may NOT write to the DAC > .... .... .... ..1. .... .... .... .... = Read Control: READ ACCESS to owner, group and ACL of the SID > .... .... .... ...0 .... .... .... .... = Delete: NO delete access > .... .... .... .... .... ...1 .... .... = Write Attributes: WRITE ATTRIBUTES access > .... .... .... .... .... .... 1... .... = Read Attributes: READ ATTRIBUTES access > .... .... .... .... .... .... .0.. .... = Delete Child: NO delete child access > .... .... .... .... .... .... ..0. .... = Execute: NO execute access > .... .... .... .... .... .... ...0 .... = Write EA: NO write extended attributes access > .... .... .... .... .... .... .... 1... = Read EA: READ EXTENDED ATTRIBUTES access > .... .... .... .... .... .... .... .0.. = Append: NO append access > .... .... .... .... .... .... .... ..0. = Write: NO write access > .... .... .... .... .... .... .... ...1 = Read: READ access > Allocation Size: 0 > File Attributes: 0x00000080 > .... .... .... .... .0.. .... .... .... = Encrypted: This is NOT an encrypted file > .... .... .... .... ..0. .... .... .... = Content Indexed: This file MAY be indexed by the content indexing service > .... .... .... .... ...0 .... .... .... = Offline: This file is NOT offline > .... .... .... .... .... 0... .... .... = Compressed: This is NOT a compressed file > .... .... .... .... .... .0.. .... .... = Reparse Point: This file does NOT have an associated reparse point > .... .... .... .... .... ..0. .... .... = Sparse: This is NOT a sparse file > .... .... .... .... .... ...0 .... .... = Temporary: This is NOT a temporary file > .... .... .... .... .... .... 1... .... = Normal: This file is an ordinary file > .... .... .... .... .... .... .0.. .... = Device: This is NOT a device > .... .... .... .... .... .... ..0. .... = Archive: This file has NOT been modified since last archive > .... .... .... .... .... .... ...0 .... = Directory: This is NOT a directory > .... .... .... .... .... .... .... 0... = Volume ID: This is NOT a volume ID > .... .... .... .... .... .... .... .0.. = System: This is NOT a system file > .... .... .... .... .... .... .... ..0. = Hidden: This is NOT a hidden file > .... .... .... .... .... .... .... ...0 = Read Only: This file is NOT read only > Share Access: 0x00000007 > .... .... .... .... .... .... .... .1.. = Delete: Object can be shared for DELETE > .... .... .... .... .... .... .... ..1. = Write: Object can be shared for WRITE > .... .... .... .... .... .... .... ...1 = Read: Object can be shared for READ > Disposition: Open (if file exists open it, else fail) (1) > Create Options: 0x00000940 > .... .... .... .... .... .... .... ...0 = Directory: File being created/opened must not be a directory > .... .... .... .... .... .... .... ..0. = Write Through: Writes need not flush buffered data before completing > .... .... .... .... .... .... .... .0.. = Sequential Only: The file might not only be accessed sequentially > .... .... .... .... .... .... ...0 .... = Sync I/O Alert: Operations NOT necessarily synchronous > .... .... .... .... .... .... ..0. .... = Sync I/O Nonalert: Operations NOT necessarily synchronous > .... .... .... .... .... .... .1.. .... = Non-Directory: File being created/opened must not be a directory > .... .... .... .... .... ..0. .... .... = No EA Knowledge: The client understands extended attributes > .... .... .... .... .... .0.. .... .... = 8.3 Only: The client understands long file names > .... .... .... .... .... 1... .... .... = Random Access: The file will be accessed randomly > .... .... .... .... ...0 .... .... .... = Delete On Close: The file should not be deleted when it is closed > Impersonation: Impersonation (2) > Security Flags: 0x00 > .... ...0 = Context Tracking: Security tracking mode is STATIC > .... ..0. = Effective Only: ALL aspects of the client's security context are available > Byte Count (BCC): 111 > File Name: \wha-quickbooks\Westside Housing - General Account.QBW > >Frame 9695 (109 bytes on wire, 109 bytes captured) > Arrival Time: Oct 26, 2005 11:10:35.419851000 > Time delta from previous packet: 0.000779000 seconds > Time since reference or first frame: 44.312040000 seconds > Frame Number: 9695 > Packet Length: 109 bytes > Capture Length: 109 bytes > Protocols in frame: eth:ip:tcp:nbss:smb >Ethernet II, Src: AsustekC_55:55:d0 (00:e0:18:55:55:d0), Dst: AcctonTe_c7:cf:74 (00:10:b5:c7:cf:74) > Destination: AcctonTe_c7:cf:74 (00:10:b5:c7:cf:74) > Source: AsustekC_55:55:d0 (00:e0:18:55:55:d0) > Type: IP (0x0800) >Internet Protocol, Src: 192.168.0.252 (192.168.0.252), Dst: 192.168.0.120 (192.168.0.120) > Version: 4 > Header length: 20 bytes > Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) > 0000 00.. = Differentiated Services Codepoint: Default (0x00) > .... ..0. = ECN-Capable Transport (ECT): 0 > .... ...0 = ECN-CE: 0 > Total Length: 95 > Identification: 0x5cb9 (23737) > Flags: 0x04 (Don't Fragment) > 0... = Reserved bit: Not set > .1.. = Don't fragment: Set > ..0. = More fragments: Not set > Fragment offset: 0 > Time to live: 128 > Protocol: TCP (0x06) > Header checksum: 0x1b1b [correct] > Source: 192.168.0.252 (192.168.0.252) > Destination: 192.168.0.120 (192.168.0.120) >Transmission Control Protocol, Src Port: microsoft-ds (445), Dst Port: 1070 (1070), Seq: 6641874, Ack: 728697, Len: 55 > Source port: microsoft-ds (445) > Destination port: 1070 (1070) > Sequence number: 6641874 (relative sequence number) > Next sequence number: 6641929 (relative sequence number) > Acknowledgement number: 728697 (relative ack number) > Header length: 20 bytes > Flags: 0x0018 (PSH, ACK) > 0... .... = Congestion Window Reduced (CWR): Not set > .0.. .... = ECN-Echo: Not set > ..0. .... = Urgent: Not set > ...1 .... = Acknowledgment: Set > .... 1... = Push: Set > .... .0.. = Reset: Not set > .... ..0. = Syn: Not set > .... ...0 = Fin: Not set > Window size: 17520 > Checksum: 0xafd6 [correct] >NetBIOS Session Service > Message Type: Session message > Length: 51 >SMB (Server Message Block Protocol) > SMB Header > Server Component: SMB > SMB Command: Locking AndX (0x24) > Error Class: Success (0x00) > Reserved: 00 > Error Code: No Error > Flags: 0x00 > 0... .... = Request/Response: Message is a request to the server > .0.. .... = Notify: Notify client only on open > ..0. .... = Oplocks: OpLock not requested/granted > ...0 .... = Canonicalized Pathnames: Pathnames are not canonicalized > .... 0... = Case Sensitivity: Path names are case sensitive > .... ..0. = Receive Buffer Posted: Receive buffer has not been posted > .... ...0 = Lock and Read: Lock&Read, Write&Unlock are not supported > Flags2: 0x0000 > 0... .... .... .... = Unicode Strings: Strings are ASCII > .0.. .... .... .... = Error Code Type: Error codes are DOS error codes > ..0. .... .... .... = Execute-only Reads: Don't permit reads if execute-only > ...0 .... .... .... = Dfs: Don't resolve pathnames with Dfs > .... 0... .... .... = Extended Security Negotiation: Extended security negotiation is not supported > .... .... .0.. .... = Long Names Used: Path names in request are not long file names > .... .... .... .0.. = Security Signatures: Security signatures are not supported > .... .... .... ..0. = Extended Attributes: Extended attributes are not supported > .... .... .... ...0 = Long Names Allowed: Long file names are not allowed in the response > Process ID High: 0 > Signature: 0000000000000000 > Reserved: 0000 > Tree ID: 4101 > Process ID: 65535 > User ID: 0 > Multiplex ID: 65535 > Locking AndX Request (0x24) > Word Count (WCT): 8 > AndXCommand: No further commands (0xff) > Reserved: 00 > AndXOffset: 0 > FID: 0xc003 > Lock Type: 0x02 > ...0 .... = Large Files: Large file locking format not requested > .... 0... = Cancel: Don't cancel outstanding lock request > .... .0.. = Change: Don't change lock type > .... ..1. = Oplock Break: This is an oplock break notification/response > .... ...0 = Shared: This is an exclusive lock > Oplock Level: Level 2 oplock currently held by client (1) > Timeout: Return immediately (0) > Number of Unlocks: 0 > Number of Locks: 0 > Byte Count (BCC): 0 > >Frame 9696 (129 bytes on wire, 129 bytes captured) > Arrival Time: Oct 26, 2005 11:10:35.420460000 > Time delta from previous packet: 0.000609000 seconds > Time since reference or first frame: 44.312649000 seconds > Frame Number: 9696 > Packet Length: 129 bytes > Capture Length: 129 bytes > Protocols in frame: eth:ip:tcp:nbss:smb >Ethernet II, Src: AcctonTe_c7:cf:74 (00:10:b5:c7:cf:74), Dst: AsustekC_55:55:d0 (00:e0:18:55:55:d0) > Destination: AsustekC_55:55:d0 (00:e0:18:55:55:d0) > Source: AcctonTe_c7:cf:74 (00:10:b5:c7:cf:74) > Type: IP (0x0800) >Internet Protocol, Src: 192.168.0.120 (192.168.0.120), Dst: 192.168.0.252 (192.168.0.252) > Version: 4 > Header length: 20 bytes > Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) > 0000 00.. = Differentiated Services Codepoint: Default (0x00) > .... ..0. = ECN-Capable Transport (ECT): 0 > .... ...0 = ECN-CE: 0 > Total Length: 115 > Identification: 0x6c27 (27687) > Flags: 0x04 (Don't Fragment) > 0... = Reserved bit: Not set > .1.. = Don't fragment: Set > ..0. = More fragments: Not set > Fragment offset: 0 > Time to live: 128 > Protocol: TCP (0x06) > Header checksum: 0x0b99 [correct] > Source: 192.168.0.120 (192.168.0.120) > Destination: 192.168.0.252 (192.168.0.252) >Transmission Control Protocol, Src Port: 1070 (1070), Dst Port: microsoft-ds (445), Seq: 728697, Ack: 6641929, Len: 75 > Source port: 1070 (1070) > Destination port: microsoft-ds (445) > Sequence number: 728697 (relative sequence number) > Next sequence number: 728772 (relative sequence number) > Acknowledgement number: 6641929 (relative ack number) > Header length: 20 bytes > Flags: 0x0018 (PSH, ACK) > 0... .... = Congestion Window Reduced (CWR): Not set > .0.. .... = ECN-Echo: Not set > ..0. .... = Urgent: Not set > ...1 .... = Acknowledgment: Set > .... 1... = Push: Set > .... .0.. = Reset: Not set > .... ..0. = Syn: Not set > .... ...0 = Fin: Not set > Window size: 64240 > Checksum: 0x254e [correct] > SEQ/ACK analysis > This is an ACK to the segment in frame: 9695 > The RTT to ACK the segment was: 0.000609000 seconds >NetBIOS Session Service > Message Type: Session message > Length: 71 >SMB (Server Message Block Protocol) > SMB Header > Server Component: SMB > SMB Command: Locking AndX (0x24) > NT Status: STATUS_SUCCESS (0x00000000) > Flags: 0x18 > 0... .... = Request/Response: Message is a request to the server > .0.. .... = Notify: Notify client only on open > ..0. .... = Oplocks: OpLock not requested/granted > ...1 .... = Canonicalized Pathnames: Pathnames are canonicalized > .... 1... = Case Sensitivity: Path names are caseless > .... ..0. = Receive Buffer Posted: Receive buffer has not been posted > .... ...0 = Lock and Read: Lock&Read, Write&Unlock are not supported > Flags2: 0xc807 > 1... .... .... .... = Unicode Strings: Strings are Unicode > .1.. .... .... .... = Error Code Type: Error codes are NT error codes > ..0. .... .... .... = Execute-only Reads: Don't permit reads if execute-only > ...0 .... .... .... = Dfs: Don't resolve pathnames with Dfs > .... 1... .... .... = Extended Security Negotiation: Extended security negotiation is supported > .... .... .0.. .... = Long Names Used: Path names in request are not long file names > .... .... .... .1.. = Security Signatures: Security signatures are supported > .... .... .... ..1. = Extended Attributes: Extended attributes are supported > .... .... .... ...1 = Long Names Allowed: Long file names are allowed in the response > Process ID High: 0 > Signature: B8F1D4CD91E94B18 > Reserved: 0000 > Tree ID: 4101 > Process ID: 65279 > User ID: 8193 > Multiplex ID: 45696 > Locking AndX Request (0x24) > Word Count (WCT): 8 > AndXCommand: No further commands (0xff) > Reserved: 00 > AndXOffset: 57054 > FID: 0xc003 > Lock Type: 0x10 > ...1 .... = Large Files: Large file locking format requested > .... 0... = Cancel: Don't cancel outstanding lock request > .... .0.. = Change: Don't change lock type > .... ..0. = Oplock Break: This is not an oplock break notification/response > .... ...0 = Shared: This is an exclusive lock > Oplock Level: Client is not holding oplock on this file (0) > Timeout: Wait indefinitely (-1) > Number of Unlocks: 0 > Number of Locks: 1 > Byte Count (BCC): 20 > Locks > Lock > Process ID: 65279 > Reserved: 0000 > Offset: 563 > Length: 1 > >Frame 9697 (100 bytes on wire, 100 bytes captured) > Arrival Time: Oct 26, 2005 11:10:35.420541000 > Time delta from previous packet: 0.000081000 seconds > Time since reference or first frame: 44.312730000 seconds > Frame Number: 9697 > Packet Length: 100 bytes > Capture Length: 100 bytes > Protocols in frame: eth:ip:tcp:nbss:smb >Ethernet II, Src: AsustekC_55:55:d0 (00:e0:18:55:55:d0), Dst: AcctonTe_c7:cf:74 (00:10:b5:c7:cf:74) > Destination: AcctonTe_c7:cf:74 (00:10:b5:c7:cf:74) > Source: AsustekC_55:55:d0 (00:e0:18:55:55:d0) > Type: IP (0x0800) >Internet Protocol, Src: 192.168.0.252 (192.168.0.252), Dst: 192.168.0.120 (192.168.0.120) > Version: 4 > Header length: 20 bytes > Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) > 0000 00.. = Differentiated Services Codepoint: Default (0x00) > .... ..0. = ECN-Capable Transport (ECT): 0 > .... ...0 = ECN-CE: 0 > Total Length: 86 > Identification: 0x5cba (23738) > Flags: 0x04 (Don't Fragment) > 0... = Reserved bit: Not set > .1.. = Don't fragment: Set > ..0. = More fragments: Not set > Fragment offset: 0 > Time to live: 128 > Protocol: TCP (0x06) > Header checksum: 0x1b23 [correct] > Source: 192.168.0.252 (192.168.0.252) > Destination: 192.168.0.120 (192.168.0.120) >Transmission Control Protocol, Src Port: microsoft-ds (445), Dst Port: 1070 (1070), Seq: 6641929, Ack: 728772, Len: 46 > Source port: microsoft-ds (445) > Destination port: 1070 (1070) > Sequence number: 6641929 (relative sequence number) > Next sequence number: 6641975 (relative sequence number) > Acknowledgement number: 728772 (relative ack number) > Header length: 20 bytes > Flags: 0x0018 (PSH, ACK) > 0... .... = Congestion Window Reduced (CWR): Not set > .0.. .... = ECN-Echo: Not set > ..0. .... = Urgent: Not set > ...1 .... = Acknowledgment: Set > .... 1... = Push: Set > .... .0.. = Reset: Not set > .... ..0. = Syn: Not set > .... ...0 = Fin: Not set > Window size: 17445 > Checksum: 0x71e4 [correct] > SEQ/ACK analysis > This is an ACK to the segment in frame: 9696 > The RTT to ACK the segment was: 0.000081000 seconds >NetBIOS Session Service > Message Type: Session message > Length: 42 >SMB (Server Message Block Protocol) > SMB Header > Server Component: SMB > Response to: 9696 > Time from request: 0.000081000 seconds > SMB Command: Locking AndX (0x24) > NT Status: STATUS_SUCCESS (0x00000000) > Flags: 0x98 > 1... .... = Request/Response: Message is a response to the client/redirector > .0.. .... = Notify: Notify client only on open > ..0. .... = Oplocks: OpLock not requested/granted > ...1 .... = Canonicalized Pathnames: Pathnames are canonicalized > .... 1... = Case Sensitivity: Path names are caseless > .... ..0. = Receive Buffer Posted: Receive buffer has not been posted > .... ...0 = Lock and Read: Lock&Read, Write&Unlock are not supported > Flags2: 0xc807 > 1... .... .... .... = Unicode Strings: Strings are Unicode > .1.. .... .... .... = Error Code Type: Error codes are NT error codes > ..0. .... .... .... = Execute-only Reads: Don't permit reads if execute-only > ...0 .... .... .... = Dfs: Don't resolve pathnames with Dfs > .... 1... .... .... = Extended Security Negotiation: Extended security negotiation is supported > .... .... .0.. .... = Long Names Used: Path names in request are not long file names > .... .... .... .1.. = Security Signatures: Security signatures are supported > .... .... .... ..1. = Extended Attributes: Extended attributes are supported > .... .... .... ...1 = Long Names Allowed: Long file names are allowed in the response > Process ID High: 0 > Signature: E54F0C71A28CE62C > Reserved: 0000 > Tree ID: 4101 > Process ID: 65279 > User ID: 8193 > Multiplex ID: 45696 > Locking AndX Response (0x24) > Word Count (WCT): 2 > AndXCommand: No further commands (0xff) > Reserved: 00 > AndXOffset: 39 > Byte Count (BCC): 0 > >Frame 9698 (109 bytes on wire, 109 bytes captured) > Arrival Time: Oct 26, 2005 11:10:35.420850000 > Time delta from previous packet: 0.000309000 seconds > Time since reference or first frame: 44.313039000 seconds > Frame Number: 9698 > Packet Length: 109 bytes > Capture Length: 109 bytes > Protocols in frame: eth:ip:tcp:nbss:smb >Ethernet II, Src: AcctonTe_c7:cf:74 (00:10:b5:c7:cf:74), Dst: AsustekC_55:55:d0 (00:e0:18:55:55:d0) > Destination: AsustekC_55:55:d0 (00:e0:18:55:55:d0) > Source: AcctonTe_c7:cf:74 (00:10:b5:c7:cf:74) > Type: IP (0x0800) >Internet Protocol, Src: 192.168.0.120 (192.168.0.120), Dst: 192.168.0.252 (192.168.0.252) > Version: 4 > Header length: 20 bytes > Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) > 0000 00.. = Differentiated Services Codepoint: Default (0x00) > .... ..0. = ECN-Capable Transport (ECT): 0 > .... ...0 = ECN-CE: 0 > Total Length: 95 > Identification: 0x6c28 (27688) > Flags: 0x04 (Don't Fragment) > 0... = Reserved bit: Not set > .1.. = Don't fragment: Set > ..0. = More fragments: Not set > Fragment offset: 0 > Time to live: 128 > Protocol: TCP (0x06) > Header checksum: 0x0bac [correct] > Source: 192.168.0.120 (192.168.0.120) > Destination: 192.168.0.252 (192.168.0.252) >Transmission Control Protocol, Src Port: 1070 (1070), Dst Port: microsoft-ds (445), Seq: 728772, Ack: 6641975, Len: 55 > Source port: 1070 (1070) > Destination port: microsoft-ds (445) > Sequence number: 728772 (relative sequence number) > Next sequence number: 728827 (relative sequence number) > Acknowledgement number: 6641975 (relative ack number) > Header length: 20 bytes > Flags: 0x0018 (PSH, ACK) > 0... .... = Congestion Window Reduced (CWR): Not set > .0.. .... = ECN-Echo: Not set > ..0. .... = Urgent: Not set > ...1 .... = Acknowledgment: Set > .... 1... = Push: Set > .... .0.. = Reset: Not set > .... ..0. = Syn: Not set > .... ...0 = Fin: Not set > Window size: 64194 > Checksum: 0x1c15 [correct] > SEQ/ACK analysis > This is an ACK to the segment in frame: 9697 > The RTT to ACK the segment was: 0.000309000 seconds >NetBIOS Session Service > Message Type: Session message > Length: 51 >SMB (Server Message Block Protocol) > SMB Header > Server Component: SMB > SMB Command: Locking AndX (0x24) > NT Status: STATUS_SUCCESS (0x00000000) > Flags: 0x18 > 0... .... = Request/Response: Message is a request to the server > .0.. .... = Notify: Notify client only on open > ..0. .... = Oplocks: OpLock not requested/granted > ...1 .... = Canonicalized Pathnames: Pathnames are canonicalized > .... 1... = Case Sensitivity: Path names are caseless > .... ..0. = Receive Buffer Posted: Receive buffer has not been posted > .... ...0 = Lock and Read: Lock&Read, Write&Unlock are not supported > Flags2: 0xc807 > 1... .... .... .... = Unicode Strings: Strings are Unicode > .1.. .... .... .... = Error Code Type: Error codes are NT error codes > ..0. .... .... .... = Execute-only Reads: Don't permit reads if execute-only > ...0 .... .... .... = Dfs: Don't resolve pathnames with Dfs > .... 1... .... .... = Extended Security Negotiation: Extended security negotiation is supported > .... .... .0.. .... = Long Names Used: Path names in request are not long file names > .... .... .... .1.. = Security Signatures: Security signatures are supported > .... .... .... ..1. = Extended Attributes: Extended attributes are supported > .... .... .... ...1 = Long Names Allowed: Long file names are allowed in the response > Process ID High: 0 > Signature: 0C120099CB071D1E > Reserved: 0000 > Tree ID: 4101 > Process ID: 65279 > User ID: 8193 > Multiplex ID: 65535 > Locking AndX Request (0x24) > Word Count (WCT): 8 > AndXCommand: No further commands (0xff) > Reserved: 00 > AndXOffset: 57054 > FID: 0xc003 > Lock Type: 0x12 > ...1 .... = Large Files: Large file locking format requested > .... 0... = Cancel: Don't cancel outstanding lock request > .... .0.. = Change: Don't change lock type > .... ..1. = Oplock Break: This is an oplock break notification/response > .... ...0 = Shared: This is an exclusive lock > Oplock Level: Level 2 oplock currently held by client (1) > Timeout: Wait indefinitely (-1) > Number of Unlocks: 0 > Number of Locks: 0 > Byte Count (BCC): 0 > >Frame 9699 (193 bytes on wire, 193 bytes captured) > Arrival Time: Oct 26, 2005 11:10:35.421068000 > Time delta from previous packet: 0.000218000 seconds > Time since reference or first frame: 44.313257000 seconds > Frame Number: 9699 > Packet Length: 193 bytes > Capture Length: 193 bytes > Protocols in frame: eth:ip:tcp:nbss:smb >Ethernet II, Src: AsustekC_55:55:d0 (00:e0:18:55:55:d0), Dst: Ibm_5d:92:37 (00:11:25:5d:92:37) > Destination: Ibm_5d:92:37 (00:11:25:5d:92:37) > Source: AsustekC_55:55:d0 (00:e0:18:55:55:d0) > Type: IP (0x0800) >Internet Protocol, Src: 192.168.0.252 (192.168.0.252), Dst: 192.168.0.54 (192.168.0.54) > Version: 4 > Header length: 20 bytes > Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) > 0000 00.. = Differentiated Services Codepoint: Default (0x00) > .... ..0. = ECN-Capable Transport (ECT): 0 > .... ...0 = ECN-CE: 0 > Total Length: 179 > Identification: 0x5cbb (23739) > Flags: 0x04 (Don't Fragment) > 0... = Reserved bit: Not set > .1.. = Don't fragment: Set > ..0. = More fragments: Not set > Fragment offset: 0 > Time to live: 128 > Protocol: TCP (0x06) > Header checksum: 0x1b07 [correct] > Source: 192.168.0.252 (192.168.0.252) > Destination: 192.168.0.54 (192.168.0.54) >Transmission Control Protocol, Src Port: netbios-ssn (139), Dst Port: 1268 (1268), Seq: 10406, Ack: 17878, Len: 139 > Source port: netbios-ssn (139) > Destination port: 1268 (1268) > Sequence number: 10406 (relative sequence number) > Next sequence number: 10545 (relative sequence number) > Acknowledgement number: 17878 (relative ack number) > Header length: 20 bytes > Flags: 0x0018 (PSH, ACK) > 0... .... = Congestion Window Reduced (CWR): Not set > .0.. .... = ECN-Echo: Not set > ..0. .... = Urgent: Not set > ...1 .... = Acknowledgment: Set > .... 1... = Push: Set > .... .0.. = Reset: Not set > .... ..0. = Syn: Not set > .... ...0 = Fin: Not set > Window size: 16133 > Checksum: 0x902e [correct] > SEQ/ACK analysis > This is an ACK to the segment in frame: 9694 > The RTT to ACK the segment was: 0.001996000 seconds >NetBIOS Session Service > Message Type: Session message > Flags: 0x00 > .... ...0 = Add 0 to length > Length: 135 >SMB (Server Message Block Protocol) > SMB Header > Server Component: SMB > Response to: 9694 > Time from request: 0.001996000 seconds > SMB Command: NT Create AndX (0xa2) > NT Status: STATUS_SUCCESS (0x00000000) > Flags: 0x98 > 1... .... = Request/Response: Message is a response to the client/redirector > .0.. .... = Notify: Notify client only on open > ..0. .... = Oplocks: OpLock not requested/granted > ...1 .... = Canonicalized Pathnames: Pathnames are canonicalized > .... 1... = Case Sensitivity: Path names are caseless > .... ..0. = Receive Buffer Posted: Receive buffer has not been posted > .... ...0 = Lock and Read: Lock&Read, Write&Unlock are not supported > Flags2: 0xc807 > 1... .... .... .... = Unicode Strings: Strings are Unicode > .1.. .... .... .... = Error Code Type: Error codes are NT error codes > ..0. .... .... .... = Execute-only Reads: Don't permit reads if execute-only > ...0 .... .... .... = Dfs: Don't resolve pathnames with Dfs > .... 1... .... .... = Extended Security Negotiation: Extended security negotiation is supported > .... .... .0.. .... = Long Names Used: Path names in request are not long file names > .... .... .... .1.. = Security Signatures: Security signatures are supported > .... .... .... ..1. = Extended Attributes: Extended attributes are supported > .... .... .... ...1 = Long Names Allowed: Long file names are allowed in the response > Process ID High: 0 > Signature: EFF90705619D9322 > Reserved: 0000 > Tree ID: 51204 > Process ID: 3696 > User ID: 51200 > Multiplex ID: 42690 > NT Create AndX Response (0xa2) > Word Count (WCT): 42 > AndXCommand: No further commands (0xff) > Reserved: 00 > AndXOffset: 135 > Oplock level: No oplock granted (0) > FID: 0xc003 > Create action: The file existed and was opened (1) > Created: Oct 26, 2005 10:00:45.396696800 > Last Access: Oct 26, 2005 11:10:20.747015600 > Last Write: Oct 26, 2005 11:10:20.747015600 > Change: Oct 26, 2005 11:10:20.747015600 > File Attributes: 0x00000020 > .... .... .... .... .0.. .... .... .... = Encrypted: This is NOT an encrypted file > .... .... .... .... ..0. .... .... .... = Content Indexed: This file MAY be indexed by the content indexing service > .... .... .... .... ...0 .... .... .... = Offline: This file is NOT offline > .... .... .... .... .... 0... .... .... = Compressed: This is NOT a compressed file > .... .... .... .... .... .0.. .... .... = Reparse Point: This file does NOT have an associated reparse point > .... .... .... .... .... ..0. .... .... = Sparse: This is NOT a sparse file > .... .... .... .... .... ...0 .... .... = Temporary: This is NOT a temporary file > .... .... .... .... .... .... 0... .... = Normal: This file has some attribute set > .... .... .... .... .... .... .0.. .... = Device: This is NOT a device > .... .... .... .... .... .... ..1. .... = Archive: This file has been modified since last ARCHIVE > .... .... .... .... .... .... ...0 .... = Directory: This is NOT a directory > .... .... .... .... .... .... .... 0... = Volume ID: This is NOT a volume ID > .... .... .... .... .... .... .... .0.. = System: This is NOT a system file > .... .... .... .... .... .... .... ..0. = Hidden: This is NOT a hidden file > .... .... .... .... .... .... .... ...0 = Read Only: This file is NOT read only > Allocation Size: 17776640 > End Of File: 17774592 > File Type: Disk file or directory (0) > IPC State: 0x0007 > 0... .... .... .... = Nonblocking: Reads/writes block if no data available > .0.. .... .... .... = Endpoint: Consumer end of pipe (0) > .... 00.. .... .... = Pipe Type: Byte stream pipe (0) > .... ..00 .... .... = Read Mode: Read pipe as a byte stream (0) > .... .... 0000 0111 = Icount: 7 > Is Directory: This is NOT a directory (0) > Byte Count (BCC): 0 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1544">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 2421
: 1544 |
1545