Comment # 3
on bug 9572
from Roland Knall
(In reply to comment #1)
> Is this NOTABUG or can/should the OpenSafety dissector heuristics be
> tightened (or disabled by default)?
openSAFETY catches on modbus.data. Therefore in regard to Modbus/TCP it is
already tightened enough. The heuristic dissection itself is exiting fast
enough in this case as well, as the first few checks determine, that the
payload does not contain a frame, and the system returns with false.
But I am generally fine in this case, to adapt the openSAFETY dissector, so
that global_enable_mbtcp defaults to FALSE, and users have to enable the
Modbus/TCP dissection by hand in the preferences dialog. openSAFETY over
Modbus/TCP is only used in demonstration units, and therefore as of right now,
reallife implementations are sparse.
You are receiving this mail because:
- You are watching all bug changes.