Immediately after the header is a variable number of bytes that constitute an SMB command or reply. Each command, such as Open File (COM field identifier:
SMBopen) or Get Print Queue (
SMBsplretq ), has its own set of parameters and data. Like the SMB header fields, not all of the command fields need to be filled, depending on the specific command. For example, the Get Server Attributes (
SMBdskattr) command sets the WCT and BCC fields to zero. The fields of the command segment are shown in
Table 3.2.
Don't worry if you don't understand each of these fields; they are not necessary for using Samba at an administrator level. However, they do come in handy when debugging system messages. We will show you some of the more common SMB messages that clients and servers send using a modified version of
tcpdump later in this section. (If you would like an SMB sniffer with a graphical interface, try "ethereal," which uses the GTK libraries; see the Samba homepage for more information on this tool.)
If you would like more information on each of the commands for the SMB protocol, see the SMB/CIFS documentation at
ftp://ftp.microsoft.com/developr/drg/CIFS/.
