suricata
Data Structures | Macros | Typedefs | Enumerations | Functions
app-layer-modbus.h File Reference
#include "decode.h"
#include "detect-engine-state.h"
#include "queue.h"
Include dependency graph for app-layer-modbus.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  ModbusTransaction_
 
struct  ModbusState_
 

Macros

#define MODBUS_CAT_NONE   0x0
 
#define MODBUS_CAT_PUBLIC_ASSIGNED   (1<<0)
 
#define MODBUS_CAT_PUBLIC_UNASSIGNED   (1<<1)
 
#define MODBUS_CAT_USER_DEFINED   (1<<2)
 
#define MODBUS_CAT_RESERVED   (1<<3)
 
#define MODBUS_CAT_ALL   0xFF
 
#define MODBUS_TYP_NONE   0x0
 
#define MODBUS_TYP_ACCESS_MASK   0x03
 
#define MODBUS_TYP_READ   (1<<0)
 
#define MODBUS_TYP_WRITE   (1<<1)
 
#define MODBUS_TYP_ACCESS_FUNCTION_MASK   0x3C
 
#define MODBUS_TYP_BIT_ACCESS_MASK   0x0C
 
#define MODBUS_TYP_DISCRETES   (1<<2)
 
#define MODBUS_TYP_COILS   (1<<3)
 
#define MODBUS_TYP_WORD_ACCESS_MASK   0x30
 
#define MODBUS_TYP_INPUT   (1<<4)
 
#define MODBUS_TYP_HOLDING   (1<<5)
 
#define MODBUS_TYP_SINGLE   (1<<6)
 
#define MODBUS_TYP_MULTIPLE   (1<<7)
 
#define MODBUS_TYP_WRITE_SINGLE   (MODBUS_TYP_WRITE | MODBUS_TYP_SINGLE)
 
#define MODBUS_TYP_WRITE_MULTIPLE   (MODBUS_TYP_WRITE | MODBUS_TYP_MULTIPLE)
 
#define MODBUS_TYP_READ_WRITE_MULTIPLE   (MODBUS_TYP_READ | MODBUS_TYP_WRITE | MODBUS_TYP_MULTIPLE)
 
#define MODBUS_FUNC_NONE   0x00
 

Typedefs

typedef struct ModbusTransaction_ ModbusTransaction
 
typedef struct ModbusState_ ModbusState
 

Enumerations

enum  {
  MODBUS_DECODER_EVENT_INVALID_PROTOCOL_ID, MODBUS_DECODER_EVENT_UNSOLICITED_RESPONSE, MODBUS_DECODER_EVENT_INVALID_LENGTH, MODBUS_DECODER_EVENT_INVALID_UNIT_IDENTIFIER,
  MODBUS_DECODER_EVENT_INVALID_FUNCTION_CODE, MODBUS_DECODER_EVENT_INVALID_VALUE, MODBUS_DECODER_EVENT_INVALID_EXCEPTION_CODE, MODBUS_DECODER_EVENT_VALUE_MISMATCH,
  MODBUS_DECODER_EVENT_FLOODED
}
 

Functions

void RegisterModbusParsers (void)
 Function to register the Modbus protocol parsers and other functions. More...
 
void ModbusParserRegisterTests (void)
 

Detailed Description

Author
David DIALLO diall.nosp@m.o@et.nosp@m..esie.nosp@m.a.fr

Definition in file app-layer-modbus.h.

Macro Definition Documentation

#define MODBUS_CAT_ALL   0xFF

Definition at line 61 of file app-layer-modbus.h.

#define MODBUS_CAT_NONE   0x0

Definition at line 56 of file app-layer-modbus.h.

Referenced by DetectEngineInspectModbus().

#define MODBUS_CAT_PUBLIC_ASSIGNED   (1<<0)

Definition at line 57 of file app-layer-modbus.h.

Referenced by DetectModbusRegister().

#define MODBUS_CAT_PUBLIC_UNASSIGNED   (1<<1)

Definition at line 58 of file app-layer-modbus.h.

#define MODBUS_CAT_RESERVED   (1<<3)

Definition at line 60 of file app-layer-modbus.h.

Referenced by DetectModbusRegister().

#define MODBUS_CAT_USER_DEFINED   (1<<2)

Definition at line 59 of file app-layer-modbus.h.

#define MODBUS_FUNC_NONE   0x00

Definition at line 82 of file app-layer-modbus.h.

Referenced by DetectEngineInspectModbus().

#define MODBUS_TYP_ACCESS_FUNCTION_MASK   0x3C

Definition at line 68 of file app-layer-modbus.h.

Referenced by DetectEngineInspectModbus().

#define MODBUS_TYP_ACCESS_MASK   0x03

Definition at line 65 of file app-layer-modbus.h.

Referenced by DetectEngineInspectModbus().

#define MODBUS_TYP_BIT_ACCESS_MASK   0x0C

Definition at line 69 of file app-layer-modbus.h.

#define MODBUS_TYP_COILS   (1<<3)

Definition at line 71 of file app-layer-modbus.h.

Referenced by DetectModbusRegister().

#define MODBUS_TYP_DISCRETES   (1<<2)

Definition at line 70 of file app-layer-modbus.h.

Referenced by DetectModbusRegister().

#define MODBUS_TYP_HOLDING   (1<<5)

Definition at line 74 of file app-layer-modbus.h.

Referenced by DetectModbusRegister().

#define MODBUS_TYP_INPUT   (1<<4)

Definition at line 73 of file app-layer-modbus.h.

#define MODBUS_TYP_MULTIPLE   (1<<7)

Definition at line 76 of file app-layer-modbus.h.

#define MODBUS_TYP_NONE   0x0

Definition at line 64 of file app-layer-modbus.h.

Referenced by DetectEngineInspectModbus().

#define MODBUS_TYP_READ   (1<<0)

Definition at line 66 of file app-layer-modbus.h.

Referenced by DetectModbusRegister().

#define MODBUS_TYP_READ_WRITE_MULTIPLE   (MODBUS_TYP_READ | MODBUS_TYP_WRITE | MODBUS_TYP_MULTIPLE)

Definition at line 79 of file app-layer-modbus.h.

#define MODBUS_TYP_SINGLE   (1<<6)

Definition at line 75 of file app-layer-modbus.h.

#define MODBUS_TYP_WORD_ACCESS_MASK   0x30

Definition at line 72 of file app-layer-modbus.h.

#define MODBUS_TYP_WRITE   (1<<1)

Definition at line 67 of file app-layer-modbus.h.

Referenced by DetectModbusRegister().

#define MODBUS_TYP_WRITE_MULTIPLE   (MODBUS_TYP_WRITE | MODBUS_TYP_MULTIPLE)

Definition at line 78 of file app-layer-modbus.h.

#define MODBUS_TYP_WRITE_SINGLE   (MODBUS_TYP_WRITE | MODBUS_TYP_SINGLE)

Definition at line 77 of file app-layer-modbus.h.

Typedef Documentation

typedef struct ModbusState_ ModbusState
typedef struct ModbusTransaction_ ModbusTransaction

Enumeration Type Documentation

anonymous enum
Enumerator
MODBUS_DECODER_EVENT_INVALID_PROTOCOL_ID 
MODBUS_DECODER_EVENT_UNSOLICITED_RESPONSE 
MODBUS_DECODER_EVENT_INVALID_LENGTH 
MODBUS_DECODER_EVENT_INVALID_UNIT_IDENTIFIER 
MODBUS_DECODER_EVENT_INVALID_FUNCTION_CODE 
MODBUS_DECODER_EVENT_INVALID_VALUE 
MODBUS_DECODER_EVENT_INVALID_EXCEPTION_CODE 
MODBUS_DECODER_EVENT_VALUE_MISMATCH 
MODBUS_DECODER_EVENT_FLOODED 

Definition at line 43 of file app-layer-modbus.h.

Function Documentation

void ModbusParserRegisterTests ( void  )

Definition at line 3027 of file app-layer-modbus.c.

References UtRegisterTest().

Referenced by RegisterModbusParsers().

Here is the call graph for this function:

Here is the caller graph for this function:

void RegisterModbusParsers ( void  )

Function to register the Modbus protocol parsers and other functions.

Definition at line 1464 of file app-layer-modbus.c.

References Flow_::alproto, ALPROTO_MODBUS, Flow_::alstate, AppLayerParserConfParserEnabled(), AppLayerParserParse(), AppLayerParserRegisterDetectStateFuncs(), AppLayerParserRegisterGetEventInfo(), AppLayerParserRegisterGetEventsFunc(), AppLayerParserRegisterGetStateProgressCompletionStatus(), AppLayerParserRegisterGetStateProgressFunc(), AppLayerParserRegisterGetTx(), AppLayerParserRegisterGetTxCnt(), AppLayerParserRegisterLoggerFuncs(), AppLayerParserRegisterParser(), AppLayerParserRegisterParserAcceptableDataDirection(), AppLayerParserRegisterProtocolUnittests(), AppLayerParserRegisterStateFuncs(), AppLayerParserRegisterTxFreeFunc(), AppLayerParserSetStreamDepth(), AppLayerParserThreadCtxAlloc(), AppLayerParserThreadCtxFree(), AppLayerProtoDetectConfProtoDetectionEnabled(), AppLayerProtoDetectPPParseConfPorts(), AppLayerProtoDetectPPRegister(), AppLayerProtoDetectRegisterProtocol(), ConfGetNode(), ModbusTransaction_::data, DE_QUIET, DetectEngineAppendSig(), DetectEngineCtxFree(), DetectEngineCtxInit(), DetectEngineThreadCtxDeinit(), DetectEngineThreadCtxInit(), FAIL_IF, FAIL_IF_NOT, FAIL_IF_NULL, Flow_::flags, Packet_::flags, DetectEngineCtx_::flags, Packet_::flow, FLOW_DESTROY, FLOW_INITIALIZE, FLOW_IPV4, FLOW_PKT_ESTABLISHED, FLOW_PKT_TOSERVER, Packet_::flowflags, FLOWLOCK_UNLOCK, FLOWLOCK_WRLOCK, ModbusTransaction_::function, MODBUS_CONFIG_DEFAULT_STREAM_DEPTH, ModbusParserRegisterTests(), PacketAlertCheck(), ParseSizeStringU32(), PASS, PKT_HAS_FLOW, PKT_STREAM_EST, Flow_::proto, Flow_::protoctx, ModbusTransaction_::read, RunmodeIsUnittests(), SC_ERR_MODBUS_CONFIG, SCEnter, SCFree, SCLogError, SCMalloc, SCRealloc, SCReturn, SigCleanSignatures(), SigGroupBuild(), SigGroupCleanup(), SigMatchSignatures(), STREAM_TOCLIENT, STREAM_TOSERVER, StreamTcpFreeConfig(), StreamTcpInitConfig(), ModbusTransaction_::subFunction, ModbusState_::transaction_max, TRUE, UTHBuildPacket(), UTHFreePackets(), ConfNode_::val, and ModbusTransaction_::write.

Referenced by AppLayerParserRegisterProtocolParsers(), and RegisterAllModules().

Here is the call graph for this function:

Here is the caller graph for this function: