app-layer-modbus.h File Reference

#include "decode.h"
#include "detect-engine-state.h"
#include "queue.h"

Include dependency graph for app-layer-modbus.h:

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures
struct	ModbusTransaction_
struct	ModbusState_

Macros
#define	MODBUS_CAT_NONE   0x0
#define	MODBUS_CAT_PUBLIC_ASSIGNED   (1<<0)
#define	MODBUS_CAT_PUBLIC_UNASSIGNED   (1<<1)
#define	MODBUS_CAT_USER_DEFINED   (1<<2)
#define	MODBUS_CAT_RESERVED   (1<<3)
#define	MODBUS_CAT_ALL   0xFF
#define	MODBUS_TYP_NONE   0x0
#define	MODBUS_TYP_ACCESS_MASK   0x03
#define	MODBUS_TYP_READ   (1<<0)
#define	MODBUS_TYP_WRITE   (1<<1)
#define	MODBUS_TYP_ACCESS_FUNCTION_MASK   0x3C
#define	MODBUS_TYP_BIT_ACCESS_MASK   0x0C
#define	MODBUS_TYP_DISCRETES   (1<<2)
#define	MODBUS_TYP_COILS   (1<<3)
#define	MODBUS_TYP_WORD_ACCESS_MASK   0x30
#define	MODBUS_TYP_INPUT   (1<<4)
#define	MODBUS_TYP_HOLDING   (1<<5)
#define	MODBUS_TYP_SINGLE   (1<<6)
#define	MODBUS_TYP_MULTIPLE   (1<<7)
#define	MODBUS_TYP_WRITE_SINGLE   (MODBUS_TYP_WRITE | MODBUS_TYP_SINGLE)
#define	MODBUS_TYP_WRITE_MULTIPLE   (MODBUS_TYP_WRITE | MODBUS_TYP_MULTIPLE)
#define	MODBUS_TYP_READ_WRITE_MULTIPLE   (MODBUS_TYP_READ | MODBUS_TYP_WRITE | MODBUS_TYP_MULTIPLE)
#define	MODBUS_FUNC_NONE   0x00

Typedefs
typedef struct ModbusTransaction_	ModbusTransaction
typedef struct ModbusState_	ModbusState

Enumerations
enum	{   MODBUS_DECODER_EVENT_INVALID_PROTOCOL_ID, MODBUS_DECODER_EVENT_UNSOLICITED_RESPONSE, MODBUS_DECODER_EVENT_INVALID_LENGTH, MODBUS_DECODER_EVENT_INVALID_UNIT_IDENTIFIER,   MODBUS_DECODER_EVENT_INVALID_FUNCTION_CODE, MODBUS_DECODER_EVENT_INVALID_VALUE, MODBUS_DECODER_EVENT_INVALID_EXCEPTION_CODE, MODBUS_DECODER_EVENT_VALUE_MISMATCH,   MODBUS_DECODER_EVENT_FLOODED }

Functions
void	RegisterModbusParsers (void)
	Function to register the Modbus protocol parsers and other functions. More...
void	ModbusParserRegisterTests (void)

Detailed Description

Author

David DIALLO diall.nosp@m.o@et.nosp@m..esie.nosp@m.a.fr

Definition in file app-layer-modbus.h.

Macro Definition Documentation

#define MODBUS_CAT_ALL   0xFF

Definition at line 61 of file app-layer-modbus.h.

#define MODBUS_CAT_NONE   0x0

Definition at line 56 of file app-layer-modbus.h.

Referenced by DetectEngineInspectModbus().

#define MODBUS_CAT_PUBLIC_ASSIGNED   (1<<0)

Definition at line 57 of file app-layer-modbus.h.

Referenced by DetectModbusRegister().

#define MODBUS_CAT_PUBLIC_UNASSIGNED   (1<<1)

Definition at line 58 of file app-layer-modbus.h.

#define MODBUS_CAT_RESERVED   (1<<3)

Definition at line 60 of file app-layer-modbus.h.

Referenced by DetectModbusRegister().

#define MODBUS_CAT_USER_DEFINED   (1<<2)

Definition at line 59 of file app-layer-modbus.h.

#define MODBUS_FUNC_NONE   0x00

Definition at line 82 of file app-layer-modbus.h.

Referenced by DetectEngineInspectModbus().

#define MODBUS_TYP_ACCESS_FUNCTION_MASK   0x3C

Definition at line 68 of file app-layer-modbus.h.

Referenced by DetectEngineInspectModbus().

#define MODBUS_TYP_ACCESS_MASK   0x03

Definition at line 65 of file app-layer-modbus.h.

Referenced by DetectEngineInspectModbus().

#define MODBUS_TYP_BIT_ACCESS_MASK   0x0C

Definition at line 69 of file app-layer-modbus.h.

#define MODBUS_TYP_COILS   (1<<3)

Definition at line 71 of file app-layer-modbus.h.

Referenced by DetectModbusRegister().

#define MODBUS_TYP_DISCRETES   (1<<2)

Definition at line 70 of file app-layer-modbus.h.

Referenced by DetectModbusRegister().

#define MODBUS_TYP_HOLDING   (1<<5)

Definition at line 74 of file app-layer-modbus.h.

Referenced by DetectModbusRegister().

#define MODBUS_TYP_INPUT   (1<<4)

Definition at line 73 of file app-layer-modbus.h.

#define MODBUS_TYP_MULTIPLE   (1<<7)

Definition at line 76 of file app-layer-modbus.h.

#define MODBUS_TYP_NONE   0x0

Definition at line 64 of file app-layer-modbus.h.

Referenced by DetectEngineInspectModbus().

#define MODBUS_TYP_READ   (1<<0)

Definition at line 66 of file app-layer-modbus.h.

Referenced by DetectModbusRegister().

#define MODBUS_TYP_READ_WRITE_MULTIPLE   (MODBUS_TYP_READ | MODBUS_TYP_WRITE | MODBUS_TYP_MULTIPLE)

Definition at line 79 of file app-layer-modbus.h.

#define MODBUS_TYP_SINGLE   (1<<6)

Definition at line 75 of file app-layer-modbus.h.

#define MODBUS_TYP_WORD_ACCESS_MASK   0x30

Definition at line 72 of file app-layer-modbus.h.

#define MODBUS_TYP_WRITE   (1<<1)

Definition at line 67 of file app-layer-modbus.h.

Referenced by DetectModbusRegister().

#define MODBUS_TYP_WRITE_MULTIPLE   (MODBUS_TYP_WRITE | MODBUS_TYP_MULTIPLE)

Definition at line 78 of file app-layer-modbus.h.

#define MODBUS_TYP_WRITE_SINGLE   (MODBUS_TYP_WRITE | MODBUS_TYP_SINGLE)

Definition at line 77 of file app-layer-modbus.h.

Typedef Documentation

typedef struct ModbusState_ ModbusState

typedef struct ModbusTransaction_ ModbusTransaction

Enumeration Type Documentation

anonymous enum

Enumerator
MODBUS_DECODER_EVENT_INVALID_PROTOCOL_ID
MODBUS_DECODER_EVENT_UNSOLICITED_RESPONSE
MODBUS_DECODER_EVENT_INVALID_LENGTH
MODBUS_DECODER_EVENT_INVALID_UNIT_IDENTIFIER
MODBUS_DECODER_EVENT_INVALID_FUNCTION_CODE
MODBUS_DECODER_EVENT_INVALID_VALUE
MODBUS_DECODER_EVENT_INVALID_EXCEPTION_CODE
MODBUS_DECODER_EVENT_VALUE_MISMATCH
MODBUS_DECODER_EVENT_FLOODED

Definition at line 43 of file app-layer-modbus.h.

Function Documentation

void ModbusParserRegisterTests

(

void

)

Definition at line 3056 of file app-layer-modbus.c.

References UtRegisterTest().

Referenced by RegisterModbusParsers().

Here is the call graph for this function:

Here is the caller graph for this function:

void RegisterModbusParsers

(

void

)

Function to register the Modbus protocol parsers and other functions.

Definition at line 1490 of file app-layer-modbus.c.

References Flow_::alproto, ALPROTO_MODBUS, Flow_::alstate, AppLayerParserConfParserEnabled(), AppLayerParserParse(), AppLayerParserRegisterDetectFlagsFuncs(), AppLayerParserRegisterDetectStateFuncs(), AppLayerParserRegisterGetEventInfo(), AppLayerParserRegisterGetEventInfoById(), AppLayerParserRegisterGetEventsFunc(), AppLayerParserRegisterGetStateProgressCompletionStatus(), AppLayerParserRegisterGetStateProgressFunc(), AppLayerParserRegisterGetTx(), AppLayerParserRegisterGetTxCnt(), AppLayerParserRegisterLoggerFuncs(), AppLayerParserRegisterParser(), AppLayerParserRegisterParserAcceptableDataDirection(), AppLayerParserRegisterProtocolUnittests(), AppLayerParserRegisterStateFuncs(), AppLayerParserRegisterTxFreeFunc(), AppLayerParserSetStreamDepth(), AppLayerParserThreadCtxAlloc(), AppLayerParserThreadCtxFree(), AppLayerProtoDetectConfProtoDetectionEnabled(), AppLayerProtoDetectPPParseConfPorts(), AppLayerProtoDetectPPRegister(), AppLayerProtoDetectRegisterProtocol(), ConfGetNode(), ModbusTransaction_::data, DE_QUIET, DetectEngineAppendSig(), DetectEngineCtxFree(), DetectEngineCtxInit(), DetectEngineThreadCtxDeinit(), DetectEngineThreadCtxInit(), FAIL_IF, FAIL_IF_NOT, FAIL_IF_NULL, Flow_::flags, Packet_::flags, DetectEngineCtx_::flags, Packet_::flow, FLOW_DESTROY, FLOW_INITIALIZE, FLOW_IPV4, FLOW_PKT_ESTABLISHED, FLOW_PKT_TOSERVER, Packet_::flowflags, FLOWLOCK_UNLOCK, FLOWLOCK_WRLOCK, ModbusTransaction_::function, MODBUS_CONFIG_DEFAULT_STREAM_DEPTH, ModbusParserRegisterTests(), PacketAlertCheck(), ParseSizeStringU32(), PASS, PKT_HAS_FLOW, PKT_STREAM_EST, Flow_::proto, Flow_::protoctx, ModbusTransaction_::read, RunmodeIsUnittests(), SC_ERR_MODBUS_CONFIG, SCEnter, SCFree, SCLogError, SCMalloc, SCRealloc, SCReturn, SigCleanSignatures(), SigGroupBuild(), SigGroupCleanup(), SigMatchSignatures(), STREAM_TOCLIENT, STREAM_TOSERVER, StreamTcpFreeConfig(), StreamTcpInitConfig(), ModbusTransaction_::subFunction, ModbusState_::transaction_max, TRUE, UTHBuildPacket(), UTHFreePackets(), ConfNode_::val, and ModbusTransaction_::write.

Referenced by AppLayerParserRegisterProtocolParsers(), and GetProgramVersion().

Here is the call graph for this function:

Here is the caller graph for this function: