For the sake of completeness, WinOT and WinNT use a HOSTS file.
For Win2k, this file is located in
C:\WINNT\system32\drivers\etc\HOSTS
This directory also contains other UNIX flavored files :)
I use the HOSTS file to add mappings for RAS dialin numbers
and hosts not having a name lookup mapping. Some file sharing
software add entries to HOSTS that block ads by letting the
ad server be mapped to 127.0.0.1 but that's another story :)
Regards,
Olivier
> -----Original Message-----
> From: Guy Harris [mailto:gharris@xxxxxxxxx]
>
> On Sun, Apr 27, 2003 at 11:06:19PM +0000, Mimic Fox wrote:
> > I dumped the packets generated by Ethereal,
> > and I confirmed Ethereal sent no netbios queries in fact.
> >
> > If Ethereal uses gethostbyaddr() or getnameinfo() in
> Windows2000 or older,
> > Ethereal would send netbios name service queries for addr-to-name
> > resolution.
>
> It *does* use "gethostbyaddr()", so either
>
> 1) Ethereal does send NetBIOS name service queries
>
> or
>
> 2) your assertion that "If Ethereal uses gethostbyaddr() or
> getnameinfo() in Windows2000 or older, Ethereal would send
> netbios name service queries for addr-to-name resolution" is
> incorrect.
>
> Therefore, either
>
> 1) it's sending them, but you missed them (you are looking both
> for packets sent to the WINS server *AND* NetBIOS Name
> Service "NODE STATUS REQUEST" packets sent to the IP address
> to be resolved, right?)
>
> or
>
> 2) your assertion is incorrect.
>
> > I guess that Ethereal uses a special function, not a standard API,
> > for addr-to-name resolution. Right?
>
> Wrong. Don't guess, read the source code - "epan/resolv.c", in
> particular. See "get_hostname()", which calls "host_name_lookup()",
> which calls "gethostbyaddr()".
>
> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-dev
>
