1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
|
/* packet-cip.h
* Routines for CIP (Common Industrial Protocol) dissection
* CIP Home: www.odva.org
*
* Copyright 2004
* Magnus Hansson <mah@hms.se>
* Joakim Wiberg <jow@hms.se>
*
* Added support for Connection Configuration Object
* ryan wamsley * Copyright 2007
*
* $Id$
*
* Wireshark - Network traffic analyzer
* By Gerald Combs <gerald@wireshark.org>
* Copyright 1998 Gerald Combs
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
/* CIP Service Codes */
#define SC_GET_ATT_ALL 0x01
#define SC_SET_ATT_ALL 0x02
#define SC_GET_ATT_LIST 0x03
#define SC_SET_ATT_LIST 0x04
#define SC_RESET 0x05
#define SC_START 0x06
#define SC_STOP 0x07
#define SC_CREATE 0x08
#define SC_DELETE 0x09
#define SC_MULT_SERV_PACK 0x0A
#define SC_APPLY_ATTRIBUTES 0x0D
#define SC_GET_ATT_SINGLE 0x0E
#define SC_SET_ATT_SINGLE 0x10
#define SC_FIND_NEXT_OBJ_INST 0x11
#define SC_RESTOR 0x15
#define SC_SAVE 0x16
#define SC_NO_OP 0x17
#define SC_GET_MEMBER 0x18
#define SC_SET_MEMBER 0x19
#define SC_INSERT_MEMBER 0x1A
#define SC_REMOVE_MEMBER 0x1B
#define SC_GROUP_SYNC 0x1C
/* Class specific services */
/* Connection Manager */
#define SC_CM_FWD_CLOSE 0x4E
#define SC_CM_UNCON_SEND 0x52
#define SC_CM_FWD_OPEN 0x54
#define SC_CM_LARGE_FWD_OPEN 0x5B
#define SC_CM_GET_CONN_OWNER 0x5A
/* Connection Configuration Object services */
#define SC_CCO_KICK_TIMER 0x4B
#define SC_CCO_OPEN_CONN 0x4C
#define SC_CCO_CLOSE_CONN 0x4D
#define SC_CCO_STOP_CONN 0x4E
#define SC_CCO_CHANGE_START 0x4F
#define SC_CCO_GET_STATUS 0x50
#define SC_CCO_CHANGE_COMPLETE 0x51
#define SC_CCO_AUDIT_CHANGE 0x52
/* CIP General status codes */
#define CI_GRC_SUCCESS 0x00
#define CI_GRC_FAILURE 0x01
#define CI_GRC_NO_RESOURCE 0x02
#define CI_GRC_BAD_DATA 0x03
#define CI_GRC_BAD_PATH 0x04
#define CI_GRC_BAD_CLASS_INSTANCE 0x05
#define CI_GRC_PARTIAL_DATA 0x06
#define CI_GRC_CONN_LOST 0x07
#define CI_GRC_BAD_SERVICE 0x08
#define CI_GRC_BAD_ATTR_DATA 0x09
#define CI_GRC_ATTR_LIST_ERROR 0x0A
#define CI_GRC_ALREADY_IN_MODE 0x0B
#define CI_GRC_BAD_OBJ_MODE 0x0C
#define CI_GRC_OBJ_ALREADY_EXISTS 0x0D
#define CI_GRC_ATTR_NOT_SETTABLE 0x0E
#define CI_GRC_PERMISSION_DENIED 0x0F
#define CI_GRC_DEV_IN_WRONG_STATE 0x10
#define CI_GRC_REPLY_DATA_TOO_LARGE 0x11
#define CI_GRC_FRAGMENT_PRIMITIVE 0x12
#define CI_GRC_CONFIG_TOO_SMALL 0x13
#define CI_GRC_UNDEFINED_ATTR 0x14
#define CI_GRC_CONFIG_TOO_BIG 0x15
#define CI_GRC_OBJ_DOES_NOT_EXIST 0x16
#define CI_GRC_NO_FRAGMENTATION 0x17
#define CI_GRC_DATA_NOT_SAVED 0x18
#define CI_GRC_DATA_WRITE_FAILURE 0x19
#define CI_GRC_REQUEST_TOO_LARGE 0x1A
#define CI_GRC_RESPONSE_TOO_LARGE 0x1B
#define CI_GRC_MISSING_LIST_DATA 0x1C
#define CI_GRC_INVALID_LIST_STATUS 0x1D
#define CI_GRC_SERVICE_ERROR 0x1E
#define CI_GRC_CONN_RELATED_FAILURE 0x1F
#define CI_GRC_INVALID_PARAMETER 0x20
#define CI_GRC_WRITE_ONCE_FAILURE 0x21
#define CI_GRC_INVALID_REPLY 0x22
#define CI_GRC_BUFFER_OVERFLOW 0x23
#define CI_GRC_MESSAGE_FORMAT 0x24
#define CI_GRC_BAD_KEY_IN_PATH 0x25
#define CI_GRC_BAD_PATH_SIZE 0x26
#define CI_GRC_UNEXPECTED_ATTR 0x27
#define CI_GRC_INVALID_MEMBER 0x28
#define CI_GRC_MEMBER_NOT_SETTABLE 0x29
#define CI_GRC_G2_SERVER_FAILURE 0x2A
#define CI_GRC_UNKNOWN_MB_ERROR 0x2B
#define CI_GRC_ATTRIBUTE_NOT_GET 0x2C
#define CI_GRC_STILL_PROCESSING 0xFF
/* IOI Path types */
#define CI_SEGMENT_TYPE_MASK 0xE0
#define CI_PORT_SEGMENT 0x00
#define CI_LOGICAL_SEGMENT 0x20
#define CI_NETWORK_SEGMENT 0x40
#define CI_SYMBOLIC_SEGMENT 0x60
#define CI_DATA_SEGMENT 0x80
#define CI_PORT_SEG_EX_LINK_ADDRESS 0x10
#define CI_PORT_SEG_PORT_ID_MASK 0x0F
#define CI_LOGICAL_SEG_TYPE_MASK 0x1C
#define CI_LOGICAL_SEG_CLASS_ID 0x00
#define CI_LOGICAL_SEG_INST_ID 0x04
#define CI_LOGICAL_SEG_MBR_ID 0x08
#define CI_LOGICAL_SEG_CON_POINT 0x0C
#define CI_LOGICAL_SEG_ATTR_ID 0x10
#define CI_LOGICAL_SEG_SPECIAL 0x14
#define CI_LOGICAL_SEG_SERV_ID 0x18
#define CI_LOGICAL_SEG_RES_1 0x1C
#define CI_LOGICAL_SEG_FORMAT_MASK 0x03
#define CI_LOGICAL_SEG_8_BIT 0x00
#define CI_LOGICAL_SEG_16_BIT 0x01
#define CI_LOGICAL_SEG_32_BIT 0x02
#define CI_LOGICAL_SEG_RES_2 0x03
#define CI_LOGICAL_SEG_E_KEY 0x00
#define CI_E_KEY_FORMAT_VAL 0x04
#define CI_DATA_SEG_TYPE_MASK 0x1F
#define CI_DATA_SEG_SIMPLE 0x00
#define CI_DATA_SEG_SYMBOL 0x11
#define CI_NETWORK_SEG_TYPE_MASK 0x1F
#define CI_NETWORK_SEG_SCHEDULE 0x01
#define CI_NETWORK_SEG_FIXED_TAG 0x02
#define CI_NETWORK_SEG_PROD_INHI 0x03
#define CI_NETWORK_SEG_SAFETY 0x10
#define CI_NETWORK_SEG_EXTENDED 0x1F
/* Device Profiles */
#define DP_GEN_DEV 0x00
#define DP_AC_DRIVE 0x02
#define DP_MOTOR_OVERLOAD 0x03
#define DP_LIMIT_SWITCH 0x04
#define DP_IND_PROX_SWITCH 0x05
#define DP_PHOTO_SENSOR 0x06
#define DP_GENP_DISC_IO 0x07
#define DP_RESOLVER 0x09
#define DP_COM_ADAPTER 0x0C
#define DP_POS_CNT 0x10
#define DP_DC_DRIVE 0x13
#define DP_CONTACTOR 0x15
#define DP_MOTOR_STARTER 0x16
#define DP_SOFT_START 0x17
#define DP_HMI 0x18
#define DP_MASS_FLOW_CNT 0x1A
#define DP_PNEUM_VALVE 0x1B
#define DP_VACUUM_PRES_GAUGE 0x1C
/* Define common services */
#define GENERIC_SC_LIST \
{ SC_GET_ATT_ALL, "Get Attribute All" }, \
{ SC_SET_ATT_ALL, "Set Attribute All" }, \
{ SC_GET_ATT_LIST, "Get Attribute List" }, \
{ SC_SET_ATT_LIST, "Set Attribute List" }, \
{ SC_RESET, "Reset" }, \
{ SC_START, "Start" }, \
{ SC_STOP, "Stop" }, \
{ SC_CREATE, "Create" }, \
{ SC_DELETE, "Delete" }, \
{ SC_MULT_SERV_PACK, "Multiple Service Packet" }, \
{ SC_APPLY_ATTRIBUTES, "Apply Attributes" }, \
{ SC_GET_ATT_SINGLE, "Get Attribute Single" }, \
{ SC_SET_ATT_SINGLE, "Set Attribute Single" }, \
{ SC_FIND_NEXT_OBJ_INST, "Find Next Object Instance" }, \
{ SC_RESTOR, "Restore" }, \
{ SC_SAVE, "Save" }, \
{ SC_NO_OP, "Nop" }, \
{ SC_GET_MEMBER, "Get Member" }, \
{ SC_SET_MEMBER, "Set Member" }, \
{ SC_INSERT_MEMBER, "Insert Member" }, \
{ SC_REMOVE_MEMBER, "Remove Member" }, \
{ SC_GROUP_SYNC, "Group Sync" }, \
typedef struct cip_simple_request_info {
guint32 iClass;
guint32 iInstance;
guint32 iAttribute;
guint32 iMember;
} cip_simple_request_info_t;
enum cip_datatype {
cip_bool,
cip_sint,
cip_int,
cip_dint,
cip_lint,
cip_usint,
cip_usint_array,
cip_uint,
cip_uint_array,
cip_udint,
cip_ulint,
cip_real,
cip_lreal,
cip_itime,
cip_time,
cip_ftime,
cip_ltime,
cip_short_string,
cip_string,
cip_byte,
cip_word,
cip_dword,
cip_lword,
cip_dissector_func,
/* Currently not supported */
cip_date,
cip_time_of_day,
cip_date_and_time,
cip_string2,
cip_stringN,
cip_stringi
};
typedef int attribute_dissector_func(packet_info *pinfo, proto_tree *tree, proto_item *item, tvbuff_t *tvb,
int offset, int total_len);
typedef struct attribute_info {
guint class_id;
gboolean class_instance;
guint attribute;
const char *text;
enum cip_datatype datatype;
int* phf;
attribute_dissector_func* pdissect;
} attribute_info_t;
/*
** Exported functions
*/
extern void dissect_epath( tvbuff_t *tvb, packet_info *pinfo, proto_item *epath_item, int offset, int path_length, gboolean generate, cip_simple_request_info_t* req_data);
/*
** Exported variables
*/
extern value_string_ext cip_gs_vals_ext;
extern value_string_ext cip_cm_ext_st_vals_ext;
extern value_string_ext cip_vendor_vals_ext;
extern value_string_ext cip_devtype_vals_ext;
extern value_string_ext cip_class_names_vals_ext;
|