["Mike Cornelius" <mikec@xxxxxxxxxxxxxxxxxx>]

Hi Chris,

Thank you VERY much for your patch, I had been considering doing the same
thing when I got some time to do so (which realisticly means never :) ).

Your work is greatly appreciated.

Mike Cornelius
Call Direct Cellular Solutions


-----Original Message-----
From: ethereal-dev-bounces@xxxxxxxxxxxx
[mailto:ethereal-dev-bounces@xxxxxxxxxxxx] On Behalf Of Chris Bontje
Sent: Tuesday, 21 June 2005 2:56 PM
To: ethereal-dev@xxxxxxxxxxxx
Subject: [Ethereal-dev] Re: DNP3 Dissector Additions

All,

Here are the additions to the DNP3 dissector as promised.  I would like to
submit this patch for the next version of Ethereal.  These modifications
should be considered preliminary, here is a brief summary of what was added:

- Added Application Layer Object Decoding.  Supports IIN bits and most of
the common objects & variations (Binary Inputs, Binary Outputs, Control
Relay O/P Block, Binary Counters, Analog Inputs, Class Data, Time Formats).
Support will be added for other objects/vars as captures with examples of
them can be provided.

- Added support for more Application Layer function codes.  Support for
remaining codes will be added in as captures can be provided.

- Added UDP/IP port 20000 as a default DNP3 port (in addition to TCP/IP port
20000), as registered with regulatory bodies.

- Started re-write to support fragments with multiple DNP3-frames and frames
seperated between multiple fragments (both UDP & TCP).

This dissector has been tested w/ a wide varity of DNP3 SCADA captures, if
there is a capture that generates errors or invalid output, please provide
it so appropriate fixes can be made! :)  The same goes for any suggestions
or comments regarding the output formatting - just because I like this
output doesn't mean someone else is expected to!

This diff file was created using the 'diff' util with the -u command-line
switch, let me know if it is not acceptable for submission.  The testing has
primarily been done on the VC6 platform, please let me know if issues are
encountered w/ any *nix builds.

Thanks goes out to Graham Bloice for his invaluable assistance w/ the whole
process of adding this support.

Regards,

Chris Bontje
Calgary, Alberta, Canada

----- Original Message -----
From: Chris Bontje <chrisbontje@xxxxxxx>
Date: Saturday, June 4, 2005 8:01 pm
Subject: DNP3 Dissector Additions

> All,
> 
> I have recently been tinkering w/ the DNP3 dissector included in the 
> latest public source release of Ethereal.
> 
> I've successfully added in Application Layer Decoding support for 
> several objects and am planning on adding a mostly complete library.  
> So far I have added in some of the most common object variations for 
> Binary Inputs, Outputs, Analog Inputs (16-bit & 32-
> bit) and Binary Counters.
> 
> I have several Ethereal captures from various SCADA networks w/
> DNP3 traffic and have been punishment-testing my work to the best of 
> my abilities...  so far so good!
> 
> When I'm satisified w/ my code, I'll be certain to post my changes to 
> the source tree so that they can (hopefully) be included in the 
> official release.
> 
> Here's hoping my intermediate-level coding is clean enough to make it 
> into an excellent project like Ethereal!
> 
> Regards,
> 
> Chris Bontje
> Calgary, Alberta, Canada
>