smb: improve nbss/smb record detection

author Victor Julien <victor@inliniac.net>

Tue, 13 Mar 2018 12:44:35 +0000 (13:44 +0100)

committer Victor Julien <victor@inliniac.net>

Tue, 13 Mar 2018 12:44:35 +0000 (13:44 +0100)
author Victor Julien <victor@inliniac.net>
Tue, 13 Mar 2018 12:44:35 +0000 (13:44 +0100)
committer Victor Julien <victor@inliniac.net>
Tue, 13 Mar 2018 12:44:35 +0000 (13:44 +0100)
diff --git a/rust/src/smb/nbss_records.rs b/rust/src/smb/nbss_records.rs

index fd062992ea76a5b35b97e0afee419e33174dcab6..cd7d96f19cfbb788ca5a14944a71862e98f868e6 100644 (file)
--- a/rust/src/smb/nbss_records.rs
+++ b/rust/src/smb/nbss_records.rs
@@ -43,7 +43,8 @@ impl<'a> NbssRecord<'a> {
              _ => false,
          };
          let smb = if self.data.len() >= 4 &&
-            self.data[1] == 'S' as u8 && self.data[2] == 'M' as u8 && self.data[3] == 'B' as u8
+            self.data[1] == 'S' as u8 && self.data[2] == 'M' as u8 && self.data[3] == 'B' as u8 &&
+            (self.data[0] == b'\xFE' || self.data[0] == b'\xFF' || self.data[0] == b'\xFD')
          {
              true
          } else {
author	Victor Julien <victor@inliniac.net>
	Tue, 13 Mar 2018 12:44:35 +0000 (13:44 +0100)
committer	Victor Julien <victor@inliniac.net>
	Tue, 13 Mar 2018 12:44:35 +0000 (13:44 +0100)