#include "suricata-common.h"#include "util-debug.h"#include "util-byte.h"#include "util-enum.h"#include "util-mem.h"#include "util-misc.h"#include "stream.h"#include "stream-tcp.h"#include "app-layer-protos.h"#include "app-layer-parser.h"#include "app-layer-modbus.h"#include "app-layer-detect-proto.h"#include "conf.h"#include "conf-yaml-loader.h"#include "decode.h"#include "detect.h"#include "detect-engine.h"#include "detect-parse.h"#include "flow-util.h"#include "util-unittest.h"#include "util-unittest-helper.h"#include "stream-tcp-private.h"
Go to the source code of this file.
Data Structures | |
| struct | ModbusHeader_ |
| struct | ModbusFunctionCodeRange_ |
Typedefs | |
| typedef struct ModbusHeader_ | ModbusHeader |
| typedef struct ModbusFunctionCodeRange_ | ModbusFunctionCodeRange |
Functions | |
| struct ModbusHeader_ | __attribute__ ((__packed__)) |
| DNP3 link header. More... | |
| void | RegisterModbusParsers (void) |
| Function to register the Modbus protocol parsers and other functions. More... | |
| void | ModbusParserRegisterTests (void) |
Variables | |
| SCEnumCharMap | modbus_decoder_event_table [] |
| uint16_t | transactionId |
| uint16_t | protocolId |
| uint16_t | length |
| uint8_t | unitId |
Detailed Description
App-layer parser for Modbus protocol
Definition in file app-layer-modbus.c.
Macro Definition Documentation
◆ CEIL
| #define CEIL | ( | quantity | ) | (((quantity) + 7)>>3) |
Definition at line 163 of file app-layer-modbus.c.
◆ MODBUS_CONFIG_DEFAULT_REQUEST_FLOOD
| #define MODBUS_CONFIG_DEFAULT_REQUEST_FLOOD 500 |
Definition at line 166 of file app-layer-modbus.c.
◆ MODBUS_CONFIG_DEFAULT_STREAM_DEPTH
| #define MODBUS_CONFIG_DEFAULT_STREAM_DEPTH 0 |
Definition at line 169 of file app-layer-modbus.c.
◆ MODBUS_ERROR_CODE_ILLEGAL_DATA_ADDRESS
| #define MODBUS_ERROR_CODE_ILLEGAL_DATA_ADDRESS 0x02 |
Definition at line 143 of file app-layer-modbus.c.
◆ MODBUS_ERROR_CODE_ILLEGAL_DATA_VALUE
| #define MODBUS_ERROR_CODE_ILLEGAL_DATA_VALUE 0x03 |
Definition at line 144 of file app-layer-modbus.c.
◆ MODBUS_ERROR_CODE_ILLEGAL_FUNCTION
| #define MODBUS_ERROR_CODE_ILLEGAL_FUNCTION 0x01 |
Definition at line 142 of file app-layer-modbus.c.
◆ MODBUS_ERROR_CODE_MEMORY_PARITY_ERROR
| #define MODBUS_ERROR_CODE_MEMORY_PARITY_ERROR 0x08 |
Definition at line 146 of file app-layer-modbus.c.
◆ MODBUS_ERROR_CODE_SERVER_DEVICE_FAILURE
| #define MODBUS_ERROR_CODE_SERVER_DEVICE_FAILURE 0x04 |
Definition at line 145 of file app-layer-modbus.c.
◆ MODBUS_FUNC_DIAGNOSTIC
| #define MODBUS_FUNC_DIAGNOSTIC 0x08 |
Definition at line 105 of file app-layer-modbus.c.
◆ MODBUS_FUNC_ENCAPINTTRANS
| #define MODBUS_FUNC_ENCAPINTTRANS 0x2b |
Definition at line 116 of file app-layer-modbus.c.
◆ MODBUS_FUNC_ERRORMASK
| #define MODBUS_FUNC_ERRORMASK 0x80 |
Definition at line 118 of file app-layer-modbus.c.
◆ MODBUS_FUNC_GETCOMEVTCOUNTER
| #define MODBUS_FUNC_GETCOMEVTCOUNTER 0x0b |
Definition at line 106 of file app-layer-modbus.c.
◆ MODBUS_FUNC_GETCOMEVTLOG
| #define MODBUS_FUNC_GETCOMEVTLOG 0x0c |
Definition at line 107 of file app-layer-modbus.c.
◆ MODBUS_FUNC_MASK
| #define MODBUS_FUNC_MASK 0x7f |
Definition at line 117 of file app-layer-modbus.c.
◆ MODBUS_FUNC_MASKWRITEREG
| #define MODBUS_FUNC_MASKWRITEREG 0x16 |
Definition at line 113 of file app-layer-modbus.c.
◆ MODBUS_FUNC_READCOILS
| #define MODBUS_FUNC_READCOILS 0x01 |
Definition at line 98 of file app-layer-modbus.c.
◆ MODBUS_FUNC_READDISCINPUTS
| #define MODBUS_FUNC_READDISCINPUTS 0x02 |
Definition at line 99 of file app-layer-modbus.c.
◆ MODBUS_FUNC_READEXCSTATUS
| #define MODBUS_FUNC_READEXCSTATUS 0x07 |
Definition at line 104 of file app-layer-modbus.c.
◆ MODBUS_FUNC_READFIFOQUEUE
| #define MODBUS_FUNC_READFIFOQUEUE 0x18 |
Definition at line 115 of file app-layer-modbus.c.
◆ MODBUS_FUNC_READFILERECORD
| #define MODBUS_FUNC_READFILERECORD 0x14 |
Definition at line 111 of file app-layer-modbus.c.
◆ MODBUS_FUNC_READHOLDREGS
| #define MODBUS_FUNC_READHOLDREGS 0x03 |
Definition at line 100 of file app-layer-modbus.c.
◆ MODBUS_FUNC_READINPUTREGS
| #define MODBUS_FUNC_READINPUTREGS 0x04 |
Definition at line 101 of file app-layer-modbus.c.
◆ MODBUS_FUNC_READWRITEMULTREGS
| #define MODBUS_FUNC_READWRITEMULTREGS 0x17 |
Definition at line 114 of file app-layer-modbus.c.
◆ MODBUS_FUNC_REPORTSERVERID
| #define MODBUS_FUNC_REPORTSERVERID 0x11 |
Definition at line 110 of file app-layer-modbus.c.
◆ MODBUS_FUNC_WRITEFILERECORD
| #define MODBUS_FUNC_WRITEFILERECORD 0x15 |
Definition at line 112 of file app-layer-modbus.c.
◆ MODBUS_FUNC_WRITEMULTCOILS
| #define MODBUS_FUNC_WRITEMULTCOILS 0x0f |
Definition at line 108 of file app-layer-modbus.c.
◆ MODBUS_FUNC_WRITEMULTREGS
| #define MODBUS_FUNC_WRITEMULTREGS 0x10 |
Definition at line 109 of file app-layer-modbus.c.
◆ MODBUS_FUNC_WRITESINGLECOIL
| #define MODBUS_FUNC_WRITESINGLECOIL 0x05 |
Definition at line 102 of file app-layer-modbus.c.
◆ MODBUS_FUNC_WRITESINGLEREG
| #define MODBUS_FUNC_WRITESINGLEREG 0x06 |
Definition at line 103 of file app-layer-modbus.c.
◆ MODBUS_MAX_ADU_LEN
| #define MODBUS_MAX_ADU_LEN 254 |
Definition at line 79 of file app-layer-modbus.c.
◆ MODBUS_MAX_COUNT
| #define MODBUS_MAX_COUNT 250 |
Definition at line 95 of file app-layer-modbus.c.
◆ MODBUS_MAX_INVALID_UNIT_ID
| #define MODBUS_MAX_INVALID_UNIT_ID 255 |
Definition at line 86 of file app-layer-modbus.c.
◆ MODBUS_MAX_QUANTITY_IN_BIT_ACCESS
| #define MODBUS_MAX_QUANTITY_IN_BIT_ACCESS 2000 |
Definition at line 90 of file app-layer-modbus.c.
◆ MODBUS_MAX_QUANTITY_IN_WORD_ACCESS
| #define MODBUS_MAX_QUANTITY_IN_WORD_ACCESS 125 |
Definition at line 91 of file app-layer-modbus.c.
◆ MODBUS_MEI_ENCAPINTTRANS_CAN
| #define MODBUS_MEI_ENCAPINTTRANS_CAN 0x0d |
Definition at line 138 of file app-layer-modbus.c.
◆ MODBUS_MEI_ENCAPINTTRANS_READ
| #define MODBUS_MEI_ENCAPINTTRANS_READ 0x0e |
Definition at line 139 of file app-layer-modbus.c.
◆ MODBUS_MIN_ADU_LEN
| #define MODBUS_MIN_ADU_LEN 2 |
Definition at line 78 of file app-layer-modbus.c.
◆ MODBUS_MIN_COUNT
| #define MODBUS_MIN_COUNT 1 |
Definition at line 94 of file app-layer-modbus.c.
◆ MODBUS_MIN_INVALID_UNIT_ID
| #define MODBUS_MIN_INVALID_UNIT_ID 247 |
Definition at line 85 of file app-layer-modbus.c.
◆ MODBUS_MIN_QUANTITY
| #define MODBUS_MIN_QUANTITY 0 |
Definition at line 89 of file app-layer-modbus.c.
◆ MODBUS_PROTOCOL_VER
| #define MODBUS_PROTOCOL_VER 0 |
Definition at line 82 of file app-layer-modbus.c.
◆ MODBUS_SUBFUNC_BUS_MSG_COUNT
| #define MODBUS_SUBFUNC_BUS_MSG_COUNT 0x0b |
Definition at line 127 of file app-layer-modbus.c.
◆ MODBUS_SUBFUNC_CHANGE_DELIMITER
| #define MODBUS_SUBFUNC_CHANGE_DELIMITER 0x03 |
Definition at line 124 of file app-layer-modbus.c.
◆ MODBUS_SUBFUNC_CLEAR_COUNT
| #define MODBUS_SUBFUNC_CLEAR_COUNT 0x14 |
Definition at line 135 of file app-layer-modbus.c.
◆ MODBUS_SUBFUNC_CLEAR_REGS
| #define MODBUS_SUBFUNC_CLEAR_REGS 0x0a |
Definition at line 126 of file app-layer-modbus.c.
◆ MODBUS_SUBFUNC_COM_ERR_COUNT
| #define MODBUS_SUBFUNC_COM_ERR_COUNT 0x0c |
Definition at line 128 of file app-layer-modbus.c.
◆ MODBUS_SUBFUNC_DIAG_REGS
| #define MODBUS_SUBFUNC_DIAG_REGS 0x02 |
Definition at line 123 of file app-layer-modbus.c.
◆ MODBUS_SUBFUNC_EXCEPT_ERR_COUNT
| #define MODBUS_SUBFUNC_EXCEPT_ERR_COUNT 0x0d |
Definition at line 129 of file app-layer-modbus.c.
◆ MODBUS_SUBFUNC_LISTEN_MODE
| #define MODBUS_SUBFUNC_LISTEN_MODE 0x04 |
Definition at line 125 of file app-layer-modbus.c.
◆ MODBUS_SUBFUNC_QUERY_DATA
| #define MODBUS_SUBFUNC_QUERY_DATA 0x00 |
Definition at line 121 of file app-layer-modbus.c.
◆ MODBUS_SUBFUNC_RESTART_COM
| #define MODBUS_SUBFUNC_RESTART_COM 0x01 |
Definition at line 122 of file app-layer-modbus.c.
◆ MODBUS_SUBFUNC_SERVER_BUSY_COUNT
| #define MODBUS_SUBFUNC_SERVER_BUSY_COUNT 0x11 |
Definition at line 133 of file app-layer-modbus.c.
◆ MODBUS_SUBFUNC_SERVER_CHAR_COUNT
| #define MODBUS_SUBFUNC_SERVER_CHAR_COUNT 0x12 |
Definition at line 134 of file app-layer-modbus.c.
◆ MODBUS_SUBFUNC_SERVER_MSG_COUNT
| #define MODBUS_SUBFUNC_SERVER_MSG_COUNT 0x0e |
Definition at line 130 of file app-layer-modbus.c.
◆ MODBUS_SUBFUNC_SERVER_NAK_COUNT
| #define MODBUS_SUBFUNC_SERVER_NAK_COUNT 0x10 |
Definition at line 132 of file app-layer-modbus.c.
◆ MODBUS_SUBFUNC_SERVER_NO_RSP_COUNT
| #define MODBUS_SUBFUNC_SERVER_NO_RSP_COUNT 0x0f |
Definition at line 131 of file app-layer-modbus.c.
◆ MODBUS_TYP_READ_WRITE_MULTIPLE
| #define MODBUS_TYP_READ_WRITE_MULTIPLE (MODBUS_TYP_READ | MODBUS_TYP_WRITE | MODBUS_TYP_MULTIPLE) |
Definition at line 160 of file app-layer-modbus.c.
◆ MODBUS_TYP_WRITE_MULTIPLE
| #define MODBUS_TYP_WRITE_MULTIPLE (MODBUS_TYP_WRITE | MODBUS_TYP_MULTIPLE) |
Definition at line 159 of file app-layer-modbus.c.
◆ MODBUS_TYP_WRITE_SINGLE
| #define MODBUS_TYP_WRITE_SINGLE (MODBUS_TYP_WRITE | MODBUS_TYP_SINGLE) |
Definition at line 158 of file app-layer-modbus.c.
Typedef Documentation
◆ ModbusFunctionCodeRange
| typedef struct ModbusFunctionCodeRange_ ModbusFunctionCodeRange |
◆ ModbusHeader
| typedef struct ModbusHeader_ ModbusHeader |
Definition at line 58 of file app-layer-modbus.c.
Function Documentation
◆ ModbusParserRegisterTests()
| void ModbusParserRegisterTests | ( | void | ) |
Definition at line 3016 of file app-layer-modbus.c.
References UtRegisterTest().
◆ RegisterModbusParsers()
| void RegisterModbusParsers | ( | void | ) |
Function to register the Modbus protocol parsers and other functions.
Definition at line 1458 of file app-layer-modbus.c.
References ALPROTO_MODBUS, AppLayerProtoDetectConfProtoDetectionEnabled(), AppLayerProtoDetectPPRegister(), AppLayerProtoDetectRegisterProtocol(), RunmodeIsUnittests(), SCEnter, and STREAM_TOSERVER.
Referenced by AppLayerParserRegisterProtocolParsers().
Variable Documentation
◆ length
| uint16_t length |
Definition at line 2 of file app-layer-modbus.c.
Referenced by hashbig(), hashlittle(), hashlittle2(), hashlittle_safe(), hashword(), hashword2(), and ShortenString().
◆ modbus_decoder_event_table
| SCEnumCharMap modbus_decoder_event_table[] |
Definition at line 58 of file app-layer-modbus.c.
◆ protocolId
| uint16_t protocolId |
Definition at line 1 of file app-layer-modbus.c.
◆ transactionId
| uint16_t transactionId |
Definition at line 0 of file app-layer-modbus.c.
◆ unitId
| uint8_t unitId |
Definition at line 3 of file app-layer-modbus.c.
