I have a complex folder structure that gets copied via SMB2 by a custom application that has a very limited logging functionality. The transfer seems to be breaking somewhere in the middle and I suspect one of the file or folder names to be the problem. Is there a way to specify a wildcard in the filter that would show only packets that have a value in the filename filed ? As a workaround I added Filename as a column and set up a filter for smb.create_options == 0x00200021, which does the trick, I am just wondering what I am doing wrong when I use the following filter? smb2.filename matches "C_\\SHARENAME\\SAMPLEFOLDER\\SUBFOLDER\\$" asked 09 Sep '14, 13:14  net_tech edited 09 Sep '14, 13:16 |
One Answer:
I think "matches" is the regex version, maybe using "contains" helps? answered 09 Sep '14, 13:19  Jasper ♦♦ |
both matches and contains seem to work, but once I get to the 1st slash and reapply the filter no packets are displayed
smb2.filename matches "C_"
I guess it has to do with regex using some characters as special commands. You'd have to check regex syntax to see what the slashes mean.