Hi Chris,
Thank you VERY much for your patch, I had been considering doing the same
thing when I got some time to do so (which realisticly means never :) ).
Your work is greatly appreciated.
Mike Cornelius
Call Direct Cellular Solutions
-----Original Message-----
From: ethereal-dev-bounces@xxxxxxxxxxxx
[mailto:ethereal-dev-bounces@xxxxxxxxxxxx] On Behalf Of Chris Bontje
Sent: Tuesday, 21 June 2005 2:56 PM
To: ethereal-dev@xxxxxxxxxxxx
Subject: [Ethereal-dev] Re: DNP3 Dissector Additions
All,
Here are the additions to the DNP3 dissector as promised. I would like to
submit this patch for the next version of Ethereal. These modifications
should be considered preliminary, here is a brief summary of what was added:
- Added Application Layer Object Decoding. Supports IIN bits and most of
the common objects & variations (Binary Inputs, Binary Outputs, Control
Relay O/P Block, Binary Counters, Analog Inputs, Class Data, Time Formats).
Support will be added for other objects/vars as captures with examples of
them can be provided.
- Added support for more Application Layer function codes. Support for
remaining codes will be added in as captures can be provided.
- Added UDP/IP port 20000 as a default DNP3 port (in addition to TCP/IP port
20000), as registered with regulatory bodies.
- Started re-write to support fragments with multiple DNP3-frames and frames
seperated between multiple fragments (both UDP & TCP).
This dissector has been tested w/ a wide varity of DNP3 SCADA captures, if
there is a capture that generates errors or invalid output, please provide
it so appropriate fixes can be made! :) The same goes for any suggestions
or comments regarding the output formatting - just because I like this
output doesn't mean someone else is expected to!
This diff file was created using the 'diff' util with the -u command-line
switch, let me know if it is not acceptable for submission. The testing has
primarily been done on the VC6 platform, please let me know if issues are
encountered w/ any *nix builds.
Thanks goes out to Graham Bloice for his invaluable assistance w/ the whole
process of adding this support.
Regards,
Chris Bontje
Calgary, Alberta, Canada
----- Original Message -----
From: Chris Bontje <chrisbontje@xxxxxxx>
Date: Saturday, June 4, 2005 8:01 pm
Subject: DNP3 Dissector Additions
> All,
>
> I have recently been tinkering w/ the DNP3 dissector included in the
> latest public source release of Ethereal.
>
> I've successfully added in Application Layer Decoding support for
> several objects and am planning on adding a mostly complete library.
> So far I have added in some of the most common object variations for
> Binary Inputs, Outputs, Analog Inputs (16-bit & 32-
> bit) and Binary Counters.
>
> I have several Ethereal captures from various SCADA networks w/
> DNP3 traffic and have been punishment-testing my work to the best of
> my abilities... so far so good!
>
> When I'm satisified w/ my code, I'll be certain to post my changes to
> the source tree so that they can (hopefully) be included in the
> official release.
>
> Here's hoping my intermediate-level coding is clean enough to make it
> into an excellent project like Ethereal!
>
> Regards,
>
> Chris Bontje
> Calgary, Alberta, Canada
>