I've a need to decode TDS 4.2 and so I'm making some additions/fixes to
packet-tds.c to somewhat improve the decoding of same.
I expect I'll have the work done in a week or two.
With respect to the below from a note in an Aug 2003 EMail on the dev
mailing list:
"... It also makes an attempt to dissect part of the "remote procedure
call" packets (there appears to be a counted string at the beginning; I
don't know what's in the rest of the packet), ...."
I'm pretty sure I understand the format of "RPC" packets (at least for TDS
4.2) and will see what, if anything, makes sense for decoding the stored-
proc-args which occur after the "stored proc name"
On a separate note: I've a need to be able to specify the (non-standard)
port(s) being used by the Sybase server(s) in my environment so that
Ethereal will decode connectins for those ports as TDS.
Looking back at previous EMails, I note there was some discussion that a
way to do this is to implement "decode as" for the TDS dissector; However,
it appears that this was not implemented.
Implementing "decode as" does seem a good way to allow decoding a specific
conversation as TDS.
On the other hand it would seem an alternative might be to use a preference
and then have the dissector register the port specified in the preference
(This would be more useful for me since captures I'm examining have many
conversations (connections) to the same server and since all the captures
are for the same server(s)).
(Or: maybe both approaches are useful for different circumstances).
(The current heuristic doesn't really work for me since it basically seems
to require ms-sql default ports or a 'login' PDU before decoding TDL (if
I'm reading the code correctly)).
Any suggestions or comments on this ?
Thanks
Bill Meier