I'm on CentOS.
I'm analyzing some SMB traffic. I'd like to find TCP streams related to certain paths. These paths are of the form: \\server_name\Share_Name\folder.
I've tried tshark -r file.pcap -Y 'frame contains "\\server_name\Share_Name\folder"' also with smb2 contains and escaping the backslash like "\\\\server_name\\Share_Name\\folder
What is the proper way to do it?
