can you please provide some example captures we can test the dissector with
you also have to terminate the value_string with a {0,NULL} entry or
it may SEGV if you receive a corrupted packet.
On 4/18/07, Rob Casey <rcasey@xxxxxxxxx> wrote:
Re-sent from Google mail due to local mail server issues.
---------- Forwarded message ----------
From: Rob Casey <robc@xxxxxxxxxxxxxxxxx>
Date: Apr 19, 2007 9:02 AM
Subject: FW: [PATCH] New protocol dissector - Kingfisher
To: rcasey@xxxxxxxxx
------------------------------
*From:* Rob Casey [mailto:robc@xxxxxxxxxxxxxxxxx]
*Sent:* Thursday, 19 April 2007 12:20 AM
*To:* 'wireshark-dev@xxxxxxxxxxxxx'
*Subject:* [PATCH] New protocol dissector - Kingfisher
To whom it may concern,
Attached is a patch against the current subversion tree to incorporate a new
dissector into Wireshark to implement support versions 2 and 3 of the
Kingfisher protocol. This protocol - derived from and very similar in
structure to the Modbus TCP protocol - is used in communication between
Kingfisher remote telemetry units (RTUs) and remote I/O devices within
telemetry and SCADA systems - Further information about Kingfisher RTUs can
be found at http://www.rtunet.com (or the parent corporate web site at
http://www.cse-semaphore.com).
It is worthy to note that while IANA has assigned the port number 4058 for
Kingfisher communications via TCP and UDP (
http://www.iana.org/assignments/port-numbers), this patch includes a define
option to additionally dissect Kingfisher traffic directed to port 473 -
This is the result of the historical use of this port by Series 2 Kingfisher
RTUs for Kingfisher protocol traffic.
Regards,
Rob
Rob Casey
R&D Manager
RTUnet / CSE Semaphore Australia
Unit 8, 3-5 Gilda Court
Mulgrave, Victoria
Australia