Sybase Packet Trace

From EggeWiki

Sometimes it's useful to view all the data being sent and received from a Sybase installation. Depending on the hardware one may be able to directly run a packet sniffer to view the traffic. Alternatively, one can run the traffic through a TCP tracing utility.

To do this, first one needs a transparent TCP proxy. I happen to like Balance from Inlab software http://www.inlab.de/balance.html . I like to run balance on a different machine from the DB server, and run on the same port. 

balance -pf 1394 dbserver:1394 > /tmp/packets.log

Once this is setup, you need to modify the client. For Java, the connection properties usually include a server and port, so this is easy to change. For programs using Sybase's CTLib, they expect to find an interface file in Sybase's home directory. Assuming you don't want to or can't change that file, one can easily make a copy of the Sybase directory. Since this can be quite large, and we only need to modify one file, we can just create symlinks to the original files. 

mkdir sybase
cd sybase/
for f in `ls /opt/sybase/ase/12.5.3.0.13325`; do ln -s $f; done
# now make a real copy of the interfaces file
cp interfaces interfaces2
mv interfaces2 interfaces
chmod 644 interfaces

Depending on the format of the interfaces file, one may be able to edit it a text editor, or one may need to use the dscp command. 

$SYBASE/OCS-12_0/bin/dscp
>> ?

help, h, ? -- This screen.

open [DSNAME] -- Open a session for the default directory service, or the DSNAME directory service.

close [SESS] -- Close the session numbered SESS, or the current one.

sess -- List all the sessions.

[switch] SESS -- Make session numbered SESS the current session.

add SERVER_NAME -- Add a new server object to the directory service.

read SERVER_NAME -- Read the content of a server object.

mod SERVER_NAME -- Modify an existing server object.

addattr SERVER_NAME -- Add an attribute to an existing server object.

del SERVER_NAME -- Delete an existing server object.

list [all] -- List all the server objects.

copy NAME1 to { SESS NAME2 | SESS | NAME2 } -- Copy the object NAME1 to a new object NAME2 in the session numbered SESS, or the current session.

copyall to SESS -- Copy all the server objects in the current session to the session numbered SESS.

delete-all -- Delete all the server objects in the current session.

config -- List the current configuration.

exit, quit -- Exit program.
>> open
ok
FailOver to Interface Driver.

>> read MYDB

DIT base for object:  interfaces
  Distinguish name: MYDB
  Server Entry Version: 1
  Server Name: MYDB
  Server Service: SQL Server
  Server Status: 4 (Unknown)
  Server Address: 
    Transport Type: tli tcp
    Transport Address: dbserver 1394

>> mod MYDB
Address:
    Transport Type: [tli tcp] 
    Transport Address: [dbserver 1394] proxyserver 1394
    Transport Type: [] 
Modified MYDB

Session 1 InterfacesDriver>> close

Now, fire up your client, and all your traffic will be logged.

Retrieved from "https://www.theeggeadventure.com/wikimedia/wikimedia/index.php?title=Sybase_Packet_Trace&oldid=2063"