diff options
Diffstat (limited to 'upstream/archlinux/man1/log2pcap.1')
| -rw-r--r-- | upstream/archlinux/man1/log2pcap.1 | 124 |
1 files changed, 124 insertions, 0 deletions
diff --git a/upstream/archlinux/man1/log2pcap.1 b/upstream/archlinux/man1/log2pcap.1 new file mode 100644 index 00000000..8006eec5 --- /dev/null +++ b/upstream/archlinux/man1/log2pcap.1 @@ -0,0 +1,124 @@ +'\" t +.\" Title: log2pcap +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets vsnapshot <http://docbook.sf.net/> +.\" Date: 02/19/2024 +.\" Manual: User Commands +.\" Source: Samba 4.19.5 +.\" Language: English +.\" +.TH "LOG2PCAP" "1" "02/19/2024" "Samba 4\&.19\&.5" "User Commands" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +log2pcap \- Extract network traces from Samba log files +.SH "SYNOPSIS" +.HP \w'\ 'u +log2pcap [\-h] [\-q] [logfile] [pcap_file] +.SH "DESCRIPTION" +.PP +This tool is part of the +\fBsamba\fR(7) +suite\&. +.PP +log2pcap +reads in a samba log file and generates a pcap file (readable by most sniffers, such as ethereal or tcpdump) based on the packet dumps in the log file\&. +.PP +The log file must have a +\fIlog level\fR +of at least +\fB5\fR +to get the SMB header/parameters right, +\fB10\fR +to get the first 512 data bytes of the packet and +\fB50\fR +to get the whole packet\&. +.SH "OPTIONS" +.PP +\-h +.RS 4 +If this parameter is specified the output file will be a hex dump, in a format that is readable by the +text2pcap +utility\&. +.RE +.PP +\-q +.RS 4 +Be quiet\&. No warning messages about missing or incomplete data will be given\&. +.RE +.PP +logfile +.RS 4 +Samba log file\&. log2pcap will try to read the log from stdin if the log file is not specified\&. +.RE +.PP +pcap_file +.RS 4 +Name of the output file to write the pcap (or hexdump) data to\&. If this argument is not specified, output data will be written to stdout\&. +.RE +.PP +\-?|\-\-help +.RS 4 +Print a summary of command line options\&. +.RE +.SH "EXAMPLES" +.PP +Extract all network traffic from all samba log files: +.PP +.if n \{\ +.RS 4 +.\} +.nf + $ log2pcap < /var/log/* > trace\&.pcap + +.fi +.if n \{\ +.RE +.\} +.PP +Convert to pcap using text2pcap: +.PP +.if n \{\ +.RS 4 +.\} +.nf + $ log2pcap \-h samba\&.log | text2pcap \-T 139,139 \- trace\&.pcap + +.fi +.if n \{\ +.RE +.\} +.SH "VERSION" +.PP +This man page is part of version 4\&.19\&.5 of the Samba suite\&. +.SH "BUGS" +.PP +Only SMB data is extracted from the samba logs, no LDAP, NetBIOS lookup or other data\&. +.PP +The generated TCP and IP headers don\*(Aqt contain a valid checksum\&. +.SH "SEE ALSO" +.PP +\fBtext2pcap\fR(1), +\fBethereal\fR(1) +.SH "AUTHOR" +.PP +The original Samba software and related utilities were created by Andrew Tridgell\&. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed\&. +.PP +This manpage was written by Jelmer Vernooij\&. |