Age | Commit message (Collapse) | Author | Files | Lines |
|
One of these modifies a field name ("hart_ip.pt.rsp.transducer_serail_number"
in packet-hartip.c), a few are in text displayed for fields (in packet-nvme.c)
or for unknown fields (in packet-oer.c and packet-per.c), one is in a
preprocessor macro (in packet-cip.[ch]), and the rest are all in comments.
arry -> array
authos -> authors
compatability -> compatibility
contigous -> contiguous
dispaly -> display
erorr -> error
filed (where it was obviously incorrect) -> field or filled
hueristic -> heuristic
regsiter -> register
serail -> serial
|
|
|
|
|
|
|
|
|
|
Added new ODVA specific TLV that replaces an already existing
ODVA specific TLV that has been depredated.
|
|
|
|
|
|
|
|
1. Improve code documentation
2. Expose common variables,functions to let other dissectors to use them
|
|
|
|
|
|
1. Connection Manager parameter is called 'Redundant Owner' instead of 'Exclusive'
2. Add new CIP Class Names
3. Support new time types: UTIME, STIME, NTIME
4. Add units to data type
|
|
Notes:
1. There are no functionality changes with this delivery
2. This change is to reduce manual copying between structs. This will make it easier to add upcoming feature changes, and fix some connection handling issues (future merge requests).
3. Combine enip_conn_val_t and cip_conn_info_t. Previously, there were 2 different structs to track information about an overall CIP Connection.
|
|
Notes:
1. There are no functionality changes with this delivery
2. cip_connID_info_t describes a one-way connection. Each CIP Connection includes 2 of these. Previously, each operation was duplicated for each direction.
3. This change is to reduce copypaste, simplify logic, and make it easier to add upcoming feature changes, and fix some connection handling issues (future merge requests)
Changes:
1. Extract Method: get_conversation_info_one_direction
2. dissect_net_param16/dissect_net_param32: Parse and set data into cip_connID_info_t
|
|
1. Dissect the Motion Configuration Block from the Forward Open
2. Add Motion Attributes related to #1
3. Save the first/last segment for certain segment types in an EPATH.
Behavior changes based on the values in first segments for a given type,
vs later segments.
Change-Id: Id0552a585d158041c13adfa50f4bb164cada79b7
Reviewed-on: https://code.wireshark.org/review/37168
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
1. Electronic Key Segment: Add support for Serial Number Key Format
2. Electronic Key Segment: Display more values in generated (response) output
3. Display Route/Connection Path in response data
4. Add more device types, class names
5. Minor display improvements to text strings, units for clarity
Change-Id: Ie7738cb395579674db448535474444da49b5b297
Reviewed-on: https://code.wireshark.org/review/37156
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
1. Show 3 digits of precision after the decimal place for API/RPI when
displaying in ms.
2. Remove displaying the value as hex microseconds.
Change-Id: I483739c13ff0e02bd773b5207b41a5eec6c23289
Reviewed-on: https://code.wireshark.org/review/31583
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
1. For each connected data message, display generated connection
information including:
a. Connection Path from the initial connection
b. API values
c. Forward Open packet number. (This already existed, but moving it to a
consistent place in the tree)
2. Display O->T or T->O in the Info column depending on the direction of data.
3. Remove cip.conn_path_class filter. This was originally added to show
which type of data is in a given packet. But, it's not really needed
anymore because we have the generated connection path in each connected
data packet now.
4. Ensure dummy structs used for Decode As menus are zeroed out.
5. memset -> zero initialization
pcaps from the following bug reports are good examples:
Bug: 14939
Bug: 6617
Bug: 14916
Bug: 14958
Change-Id: I63885a5ca41f95e04f855a1e1dcd9ab3684f7eec
Reviewed-on: https://code.wireshark.org/review/30808
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
1. Get/Set Axis Attribute List: Display the attribute name, and dissect where appropriate.
2. Minor: Cleanup exported functions/variables.
Bug: 14958
Change-Id: I2ff6883e66068472ac5ded0172f51575f5e20a21
Reviewed-on: https://code.wireshark.org/review/28660
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
|
|
1. Add new dissector table that allows for registration of CIP Class 0/1 I/O
against CIP Class that was used in the Forward Open. CIP Safety is still
a special case that gets checked before this table. The default handling is
generic CIP Class 0/1 I/O.
2. Changed most I/O items labelled "ENIP" to "CIP I/O". ENIP is a separate
protocol/layer, and all the I/O traffic is actually CIP. It was very
confusing explaining to people they had to look at the wrong protocol
layer in Wireshark before.
3. Add the generic Class 0/1 I/O as a separate tree layer. CIP Motion and
CIP Safety I/O were already doing this.
4. Update CIP conversation filtering naming to be more accurate.
5. Clean up some offset handling
Change-Id: I1c226fe1bd8974ed0e90640c875bef21f15f3095
Reviewed-on: https://code.wireshark.org/review/28290
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
1. Time Sync Port Physical Address Info: Finish parsing this
2. Connection Manager: Add more service names
3. Add more Device Type enumerations
4. Unconnected Send Unsuccessful Response: Add the reserved byte
5. Vendor ID -> Originator Vendor ID
6. Add some BASE_UNIT_STRING
Change-Id: I112c44330cc4051d2eea8d149e3cbbf8eaef1247
Reviewed-on: https://code.wireshark.org/review/27937
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
1. Connection Serial Number, Vendor ID, and Device Serial Number are always
used as a group. Group these as a struct to make them easier to manage.
2. Pull out common code into dissect_connection_triad()
No functional changes.
Change-Id: Ide126f8d0ea6ab8e2de5abf20e12643d5a35924d
Reviewed-on: https://code.wireshark.org/review/27926
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
1. Add attribute table similar to the other CIP related dissectors. Currently, this just adds 2 attributes. More will come in separate reviews. (Still clarifying some information in the Spec)
2. Minor wording updates to match spec
Change-Id: I667b8e465d576020471c8e7fc10b43e25ea573dd
Reviewed-on: https://code.wireshark.org/review/27180
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Jim Young <jim.young.ws@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Have separate ones for function 3A and function 80.
Change-Id: I44560099de269ea809092d5bc7ad88308c9082be
Reviewed-on: https://code.wireshark.org/review/26767
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
We can't have a single table to map function codes to names; we need
separate tables for different command codes.
We also can't have a single field for the function code; we need
separate fields for different command codes.
While we're at it, use proto_tree_add_item_ret_uint() to add the command
code and function code, rather than separately fetching those values.
Change-Id: Ic2646da6c6a1cae13c513874c5c003f32fce434e
Reviewed-on: https://code.wireshark.org/review/26764
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: If3f093ba19cce1a69c1540518e622e4098ba82b6
Reviewed-on: https://code.wireshark.org/review/26763
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Support has been added to the EtherNet/IP (ENIP) CIP dissector (packet-cip.c)
to allow for the dissection of Programmable Controller Communication Commands
(PCCC). These commands are often seen in the traffic of Programmable Logic
Controllers (PLCs) communicating over the EtherNet/IP or DF1 protocols.
Dissection has been implemented directly in the packet-cip dissector,
following the structure put in place by other existing CIP classes such
as the Connection Manager.
Change-Id: Ia1e614fb7fd9fd36e79c0dac06cd5f1a9c1cea78
Reviewed-on: https://code.wireshark.org/review/26713
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I92c94448e6641716d03158a5f332c8b53709423a
Reviewed-on: https://code.wireshark.org/review/25756
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
See Volume 9, version 1.2, sections "6-2.7.1.1" and "7-1.1"
1. Pass Connection Point from FwdOpen to Motion dissector, since that is now needed to parse I/O payload.
2. Move Run/Idle Header function to CIP dissector, since it's a CIP feature, not ENIP.
3. Add a protocol so that Format Revision 3 can be dissected without the Forward Open in the capture.
4. Minor: Highlight more bytes in some EPATH parsing.
5. Minor: Renaming some things to match spec wording.
Change-Id: I93626a6492be2675206d38c04fa1c7ce534c04ca
Reviewed-on: https://code.wireshark.org/review/25570
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I44f7ff6980f27b1a0d4199a91f9b217aec7e4652
Reviewed-on: https://code.wireshark.org/review/20557
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
1. CIP: Instead of exiting early in dissect_cip_generic_service_req/rsp when there is no data, keep processing so that a malformed packet warning will be displayed when there should be data.
2. CIP Safety: Remove copy-paste. Use load_cip_request_data
3. CIP Safety: Use more constants.
Change-Id: Ic364201f1e587b43cf2bda407fb77b50032974ae
Reviewed-on: https://code.wireshark.org/review/20549
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
1. CIP Safety: SERCOS Safety Network Number attribute should be 6 bytes. Don't just use all remaining bytes
2. Remove cip_byte_array type. The last remaining usage was #1 above and it really shouldn't be used in the future. Any attribute that would eat up all remaining bytes would have issues with Get Attribute List responses and Set Attribute List requests.
3. Optional Attribute List: Display the attribute name if known.
4. Port: Display Port Number name
5. Port: Associated Communication Objects attribute
Change-Id: I94d99bb1f07aa4b8c44949b2ffb5d75e72483459
Reviewed-on: https://code.wireshark.org/review/19374
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
1. Generically handle/display all unparsed data. Any unparsed data can be found with cip.data
2. This now shows at least some unparsed data that was not previously displayed. Previously, extra data sent with Get Attribute List requests was not displayed. It was difficult to tell why devices were returning errors, without knowing there was extra data.
3. Make most functions return the number of bytes processed to support the above points.
Change-Id: I290c09d76e74c18facaef99c8903e7937fbdd710
Reviewed-on: https://code.wireshark.org/review/19263
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Most attributes specify the path length before the EPATH data, but some do not. The previous code for parsing EPATHs just looped until there was no more data. This is a problem for EPATH that do not specify a length, because it will eat up too many bytes. This mainly affects Get Attribute List Responses and Set Attribute List Requests. For the small number of attributes like this, the Spec says exactly what kind of segment should be in the EPATH, so just parse a single segment.
This fixes: Port attributes: 'Port Number and Node Address' and 'Chassis Identity'
There is still one that is a problem in packet-cipsafety.c, but we will have to deal with it later. See the TODO in that file.
I use the .pcap attached to https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12049, to make sure I didn't break any existing path/segment handling.
Ping-Bug: 12049
Change-Id: Id035f9809f6cc747ea7b6327d94dd26dc66cb466
Reviewed-on: https://code.wireshark.org/review/18675
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
1. Add support for STRINGI
2. Add File Name attribute that is a STRINGI
3. CCO Get/Set Attr All: Connection Name is STRING2 not ASCII
4. TCP/IP Host Name attribute is not just a STRING. It also needs a pad byte.
5. Minor: Fix byte highlighting for CCO I/O Mapping tree
6. Minor: All back byte highlighting for Get Attr All Rsp individual attributes
Change-Id: Ib10d6f2e86e39e8cd6335dc6b6dbebbd1c4d8e64
Reviewed-on: https://code.wireshark.org/review/18166
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
1. Switched to common way to parse Get Attr All, using dissect_cip_get_attribute_all_rsp, for CCO (class version) and CIP Validator. This also fixed a missing attribute in the old CIP Validator code.
2. Add cip_string2 attribute implementation
3. For CIP Validator, set the protocol as "CIPS Validator", previously this was "CIPS Supervisor".
4. For classes with subdissectors, add the service to the Info column in the response.
Change-Id: Id9593ca39497261075df8146cf63ee9581462e2a
Reviewed-on: https://code.wireshark.org/review/14837
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
When the "Display enhanced Info column data" preference is set, ensure that:
1. For non-MSP packets, path information (class/symbol) is displayed in the Info column for Forward Open, Forward Close, regular Message Router Request/Response messages
2. For MSP packets, don't display the class/symbol in the Info column (it's too wordy)
This now relies on an extra boolean passed to dissect_cip_data() to handle #2 above. Previously, this relied on checking a proto_item* for NULL, which is not correct.
Change-Id: I7532660bcb23bd664c1f5532256755922c4937d1
Reviewed-on: https://code.wireshark.org/review/14458
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
A dissector must never assume that it will, or won't, be called with a
protocol tree; it's up to the Wireshark/TShark/etc. core to decide
whether to do it, and it can change its behavior over time or even
change it from release to release.
Have dissect_epath() take an argument that explicitly indicates whether
to add the CIP class to the Info column, rather than assuming that you
do so only if the tree pointer passed to it is null.
Bug: 12257
Change-Id: Ide8a6fc21252880f849a8d0aa4659a675bb3ae04
Reviewed-on: https://code.wireshark.org/review/14456
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
1. Remove "Object" from CIP class names. It was already removed from some of the objects, the string "Object" is implied for all objects, and it helps reduce wordiness in the Info column.
2. Don't display Class/Symbol name in the Info column when it's inside a MSP.
3. Enable enhanced Info column by default now that some of the additional wordiness was removed by the above points.
4. Put single quotes around the symbol name in the Info column. This makes it more obvious that something is a symbol instead of an actual class name from the spec, and would prevent ambiguity if the symbol name was something like "Identity".
5. Print the CIP service for both requests/responses in CIP Safety processing. This was already added to normal CIP.
6. Display Class/Symbol and service on the Service Packet in the MSP tree. This makes it easier to find without expanding every MSP item.
Change-Id: I7197dd4bf3dad6d7bdba247d3d7ab76cca52c785
Reviewed-on: https://code.wireshark.org/review/14325
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: D. Ulis <daulis0@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
1. More Identity attributes
2. Port attributes
3. Set Attribute List request highlighted too much attribute data
4. TCP/IP object, Attr 5 needs padding
5. Switch most attributes to use wrappers instead of dissect_epath() directly.
6. Change new Volume 8 attributes to treat path size as words instead of bytes, when parsing size+EPATH formats.
Change-Id: I1b8c476475c6fbb9c7cdb99ec4a6c28934631a19
Reviewed-on: https://code.wireshark.org/review/13898
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This includes request/response tracking
Change-Id: I12ac4c198929aa6a75f3f839f9ee52ebf00b8059
Reviewed-on: https://code.wireshark.org/review/13743
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: D. Ulis <daulis0@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
externed global variable.
Change-Id: Id8156680d67d65d87c156df05e8a66e2531728d2
Reviewed-on: https://code.wireshark.org/review/13709
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
1. ENIP: When there is more than one ENIP command in a given TCP packet, display both in the Info column. Previously, only 1 would be displayed.
2. CIP: Services need a context to be able to interpret properly. Display the Class or Symbol name in the Info column in an object oriented manner for Request Paths, or Connection Paths.
3. CIP: Display the request path/service in a CIP response, instead of just "Success". These changes make it visually easier to identify traffic.
4. CIP: For the Info column, make Multiple Service Packet formatting a little more consistent regarding the divider between embedded packets. Previously, it would display 2 different separator types "," and "|".
5. CIP: Add preference to enable/disable "Display enhanced Info column data"
Change-Id: I7e95bc144588c0925137e01abbc814babb494d19
Reviewed-on: https://code.wireshark.org/review/13632
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add support for the following segment types:
1. Port: Extended
2. Logical: Service ID
3. Logical: Extended
4. Symbolic: ASCII, Extended String, including: Double-byte, Triple-byte, Numeric (USINT, UINT, UDINT)
5. Network: Extended
6. Network: Production Inhibit Time in Microseconds
Bug: 12049
Change-Id: I31b269c28c0101205cbc02f858de47106b9e7373
Reviewed-on: https://code.wireshark.org/review/13552
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Get Attributes All is a predefined list of existing attribute IDs for a given class. Add a new index for each attribute for their place in GetAttributesAll response. Then a hash table of classes for existing attributes are created to handle the GetAttributesAll service.
Added more TCP/IP object attributes since more have been added to the spec.
Moved TCP/IP object attributes all to ENIP dissector.
Bug: 11996
Change-Id: I7f50c9aadf04efdb17ef31f39e6a991c0a84bef2
Reviewed-on: https://code.wireshark.org/review/13186
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
EtherNet/IP
1. EtherNet Link object parsed Physical Address attribute response incorrectly.
2. Display Unknown Commands as ENIP instead of just TCP data.
CIP
1. For connected data, don't interpret it as a Message Router Request/Response format when the Forward Open connection was not directed to the Message Router. Previously, this data would be incorrectly shown as explicit CIP data. In many cases, this would show as malformed. This traffic will now just display as Data in the Wireshark tree, and "Implicit Data - Class (0x123)" in the Info column. Make this data filterable by "cip.conn_path_class == 0x123".
2. Fix parsing of Unconnected Send responses. Previously, for most cases, the response was not fully parsed, and would just show "Data", or it would parse the response as if the request class was the Connection Manager, which is incorrect. Now, also show the request path of the original embedded message in the tree.
3. Add some detailed error data for malformed Forward Close response.
Change-Id: I1c98ce516373d8c0ed6e049e25342f726bc370ea
Reviewed-on: https://code.wireshark.org/review/12339
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: D. Ulis <daulis0@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
EtherNet/IP
1. Only decode 32-bit header if there is enough data. Previously, this would show malformed data, even for I/O packets that have no data, eg: heartbeat data.
2. Typos
CIP
1. Many Time Sync attribute responses were flagged incorrectly as malformed.
2. Create service response highlighted the instance number incorrectly, and showed warnings.
3. Set Attribute List Request should exit early if it doesn't know about a particular attribute.
4. Incorrect format for Safety Network Segment: Router Format.
5. Typos
Change-Id: I506dbb053c247bc8efcbde2cce6ab24d9550c897
Reviewed-on: https://code.wireshark.org/review/12321
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I398e9cf4f6882e76644aa758e12c39a39159e95f
Reviewed-on: https://code.wireshark.org/review/3319
Petri-Dish: Michael Mann <mmann78@netscape.net>
Petri-Dish: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ia69cbe9fea364c735bde956d84a82404b46ec236
Reviewed-on: https://code.wireshark.org/review/1810
Reviewed-by: Michael Mann <mmann78@netscape.net>
|