s7comm

package
v0.9.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 9, 2026 License: BSD-3-Clause, GPL-3.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

// COTP PDU type codes (ISO 8073), in ascending numeric order.
//
// Every constant is the type code already positioned in the upper nibble, so
// the lower nibble of the received byte must be cleared (byte & 0xF0) before
// it is compared against these values.
const (
	COTPTypeED = 0x10 // ED, Expedited Data (code 0x1)
	COTPTypeEA = 0x20 // EA, Expedited Data Acknowledgement (code 0x2)
	COTPTypeRJ = 0x50 // RJ, Reject (code 0x5)
	COTPTypeAK = 0x60 // AK, Data Acknowledgement (code 0x6)
	COTPTypeER = 0x70 // ER, TPDU Error (code 0x7)
	COTPTypeDR = 0x80 // DR, Disconnect Request (code 0x8)
	COTPTypeDC = 0xC0 // DC, Disconnect Confirm (code 0xC)
	COTPTypeCC = 0xD0 // CC, Connection Confirm (code 0xD)
	COTPTypeCR = 0xE0 // CR, Connection Request (code 0xE)
	COTPTypeDT = 0xF0 // DT, Data Transfer (code 0xF)
)

COTP PDU types (ISO 8073). The PDU type is encoded in the upper nibble of the COTP header byte; these constants are the values that remain after masking that byte with 0xF0.

// S7comm message types, i.e. the ROSCTR (Remote Operating Service Control)
// values.
const (
	S7CommMsgTypeJobRequest = 0x01 // Job: request sent by the client to the PLC
	S7CommMsgTypeAck        = 0x02 // Ack: acknowledgement that carries no data
	S7CommMsgTypeAckData    = 0x03 // Ack-Data: acknowledgement that carries data
	S7CommMsgTypeUserData   = 0x07 // UserData: e.g. block upload, CPU info
)

S7comm Message Types (ROSCTR - Remote Operating Service Control)

// S7comm function codes, in ascending numeric order.
//
// For audit purposes the codes fall into two groups: read-style operations
// (S7FuncReadVar and the upload sequence 0x1D-0x1F) and operations that change
// controller state (S7FuncWriteVar, the download sequence 0x1A-0x1C,
// S7FuncPIService, S7FuncPLCStop). The second group is the one a reviewer of
// the resulting records will usually want to see first.
//
// NOTE(review): S7FuncPLCControl and S7FuncCPUServices are both 0x00, so the
// two names cannot be told apart by value and cannot both be cases of one
// switch. Wireshark's dissector appears to associate "PLC control" with 0x28
// (now named PI service) - confirm which value is intended.
const (
	S7FuncCPUServices        = 0x00 // CPU services
	S7FuncPLCControl         = 0x00 // PLC control; same value as S7FuncCPUServices
	S7FuncReadVar            = 0x04 // read variable
	S7FuncWriteVar           = 0x05 // write variable
	S7FuncRequestDownload    = 0x1A // download: request
	S7FuncDownloadBlock      = 0x1B // download: block transfer
	S7FuncDownloadEnded      = 0x1C // download: ended
	S7FuncStartUpload        = 0x1D // upload: start
	S7FuncUpload             = 0x1E // upload: transfer
	S7FuncEndUpload          = 0x1F // upload: end
	S7FuncPIService          = 0x28 // PI (Program Invocation) service
	S7FuncPLCStop            = 0x29 // PLC stop
	S7FuncSetupCommunication = 0xF0 // setup communication
)

S7comm Function Codes

// S7comm syntax IDs: the addressing format announced by a variable
// specification item.
//
// NOTE(review): compare with Wireshark's packet-s7comm.c, which other tables
// in this package cite as their source. As far as I can tell that table agrees
// on S7-Any (0x10) and NCK (0x82) but lists Drive ES Any as 0xa2, 1200
// symbolic addressing as 0xb2, DB read as 0xb0 and 0x13 as the PBC R_ID.
// Verify the other four values before relying on them to classify requests.
const (
	S7SyntaxIDS7Any       = 0x10 // classic addressing via S7-Any pointer
	S7SyntaxIDDriveESAny  = 0x11 // Drive ES Any
	S7SyntaxID1200Sym     = 0x12 // symbolic addressing (1200)
	S7SyntaxIDDBRead      = 0x13 // DB read (PBC ID)
	S7SyntaxIDNCK         = 0x82 // Sinumerik NCK addressing
	S7SyntaxIDDriveMCSync = 0xA2 // drive motion control sync
)

S7comm Syntax IDs

// S7comm memory area codes (values follow Wireshark's packet-s7comm.c), in
// ascending numeric order. The single-letter prefixes in the comments are the
// usual operand identifiers for the area.
const (
	S7AreaSysInfo       = 0x03 // 200 family: system info
	S7AreaSysFlags      = 0x05 // 200 family: system flags
	S7AreaAnalogInputs  = 0x06 // 200 family: analog inputs
	S7AreaAnalogOutputs = 0x07 // 200 family: analog outputs
	S7AreaCounter       = 0x1C // counters, (200 family) / (S7-300/400)
	S7AreaTimer         = 0x1D // timers, (200 family) / (S7-300/400)
	S7AreaCounter200    = 0x1E // 200 family: IEC counters
	S7AreaTimer200      = 0x1F // 200 family: IEC timers
	S7AreaPeripheral    = 0x80 // P: direct peripheral access, critical for I/O
	S7AreaInputs        = 0x81 // I: process inputs
	S7AreaOutputs       = 0x82 // Q: process outputs
	S7AreaFlags         = 0x83 // M: bit memory (Merker)
	S7AreaDB            = 0x84 // DB: data blocks
	S7AreaDI            = 0x85 // DI: instance data blocks
	S7AreaLocal         = 0x86 // L: local data
	S7AreaVMemory       = 0x87 // V: V-memory of the 200 family
)

S7comm Memory Areas (from Wireshark packet-s7comm.c)

// S7comm transport sizes as they appear in a request item.
//
// The values 0x1C-0x1F coincide numerically with the counter and timer memory
// area codes (S7AreaCounter through S7AreaTimer200); which field is being
// parsed, not the value, tells the two apart.
const (
	S7TransportSizeNull       = 0x00 // NULL, no type
	S7TransportSizeBit        = 0x01 // BIT
	S7TransportSizeByte       = 0x02 // BYTE (also used for CHAR)
	S7TransportSizeChar       = 0x03 // CHAR
	S7TransportSizeWord       = 0x04 // WORD
	S7TransportSizeInt        = 0x05 // INT
	S7TransportSizeDWord      = 0x06 // DWORD
	S7TransportSizeDInt       = 0x07 // DINT
	S7TransportSizeReal       = 0x08 // REAL
	S7TransportSizeDate       = 0x09 // DATE
	S7TransportSizeTOD        = 0x0A // TOD, time of day
	S7TransportSizeTime       = 0x0B // TIME
	S7TransportSizeS5Time     = 0x0C // S5TIME
	S7TransportSizeDT         = 0x0F // DATE_AND_TIME
	S7TransportSizeCounter    = 0x1C // COUNTER
	S7TransportSizeTimer      = 0x1D // TIMER
	S7TransportSizeIECCounter = 0x1E // IEC COUNTER, 200 family
	S7TransportSizeIECTimer   = 0x1F // IEC TIMER, 200 family
	S7TransportSizeHSCounter  = 0x20 // HS COUNTER, 200 family
)

S7comm Transport Sizes (in request)

// S7comm item return codes.
//
// Success is 0xFF, not zero: 0x00 is the reserved value, so a zero-initialised
// or missing return code must never be read as a successful operation.
const (
	S7ReturnCodeReserved             = 0x00 // reserved
	S7ReturnCodeHardwareError        = 0x01 // hardware error
	S7ReturnCodeAccessingObject      = 0x03 // access to the object is not allowed
	S7ReturnCodeAddressOutOfRange    = 0x05 // address is out of range
	S7ReturnCodeDataTypeNotSupported = 0x06 // data type is not supported
	S7ReturnCodeDataTypeInconsistent = 0x07 // data type is inconsistent
	S7ReturnCodeObjectNotExists      = 0x0A // object does not exist
	S7ReturnCodeSuccess              = 0xFF // success
)

S7comm Return Codes

// UserData function groups (values follow Wireshark's packet-s7comm.h). The
// group selects which subfunction table applies to a UserData message.
const (
	S7UserDataFGProgram   = 0x01 // programmer commands
	S7UserDataFGCyclic    = 0x02 // cyclic data
	S7UserDataFGBlock     = 0x03 // block functions
	S7UserDataFGCPUFunc   = 0x04 // CPU functions
	S7UserDataFGSecurity  = 0x05 // security
	S7UserDataFGPBCBSend  = 0x06 // PBC BSEND/BRECV
	S7UserDataFGTime      = 0x07 // time functions
	S7UserDataFGNCProgram = 0x0F // NC programming (Sinumerik)
)

UserData function groups (from Wireshark packet-s7comm.h)

// UserData subfunctions of the CPU functions group (S7UserDataFGCPUFunc, 0x04).
const (
	S7UserDataCPUReadSZL     = 0x01 // read SZL, the System Status List
	S7UserDataCPUMsgService  = 0x02 // message service
	S7UserDataCPUDiagMessage = 0x03 // diagnostic message
	S7UserDataCPUAlarmQuery  = 0x13 // alarm query
)

UserData subfunctions for CPU Functions (0x04)

// UserData subfunctions of the time functions group (S7UserDataFGTime, 0x07).
//
// Two distinct codes set the clock (0x02 and 0x04); code that reports clock
// changes has to match both.
const (
	S7UserDataTimeRead  = 0x01 // read the clock
	S7UserDataTimeSet   = 0x02 // set the clock
	S7UserDataTimeReadF = 0x03 // read the clock (F)
	S7UserDataTimeSet2  = 0x04 // set the clock, second code
)

UserData subfunctions for Time Functions (0x07)

// UserData subfunctions of the cyclic data group (S7UserDataFGCyclic, 0x02).
const (
	S7UserDataCyclicMem      = 0x01 // memory
	S7UserDataCyclicUnsubscr = 0x04 // unsubscribe
)

UserData subfunctions for Cyclic Data (0x02)

// PI (Program Invocation) service names, sorted by string value.
//
// NOTE(review): identifiers and strings look crossed. S7PIServicePProgram
// holds "_INSE", while "P_PROGRAM" is stored under S7PIServiceNStop. The
// values are reproduced unchanged; check the call sites so that a P_PROGRAM
// request does not end up labelled as a different service in audit records.
const (
	S7PIServiceNStop    = "P_PROGRAM" // stop program
	S7PIServiceGarb     = "_GARB"     // garbage collection
	S7PIServicePProgram = "_INSE"     // insert program
	S7PIServiceModu     = "_MODU"     // module
)

PI Service names (Program Invocation)

// SZL (System Status List) ID classes, in ascending numeric order. The source
// cited for them is packet-s7comm_szl_ids.h.
//
// NOTE(review): SZLIDCommunication (0x0111) is the only entry with a non-zero
// high byte, and its low byte 0x11 equals SZLIDModuleID. It may be an extract
// of the module-identification list rather than a separate class - confirm
// against the cited header before using it as a record label.
const (
	SZLIDModuleID        = 0x0011 // module identification
	SZLIDCPUCharacter    = 0x0012 // CPU characteristics
	SZLIDMemoryAreas     = 0x0013 // memory areas
	SZLIDSystemAreas     = 0x0014 // system areas
	SZLIDBlockTypes      = 0x0015 // block types
	SZLIDLEDStatus       = 0x0019 // LED status
	SZLIDCPUType         = 0x001C // CPU type
	SZLIDComponentID     = 0x001D // component identification
	SZLIDInterruptStatus = 0x0022 // interrupt status
	SZLIDAssignmentList  = 0x0025 // assignment list
	SZLIDCPUStatus       = 0x0074 // CPU status
	SZLIDModeTransition  = 0x0090 // mode transition
	SZLIDRackStation     = 0x0091 // rack/station status
	SZLIDStartupInfo     = 0x0094 // startup information
	SZLIDDiagBuffer      = 0x00A0 // diagnostic buffer
	SZLIDCommunication   = 0x0111 // communication status
)

SZL ID classes (System Status List - from packet-s7comm_szl_ids.h)

// Block type codes used by the block services.
//
// NOTE(review): these are one-byte numeric codes. Wireshark's dissector, as
// far as I can tell, treats the block type inside upload/download file names
// as a pair of ASCII characters and keeps the numeric form for its sub-block
// type table - confirm which field callers compare these constants against.
const (
	S7BlockTypeOB  = 0x08 // OB, organization block
	S7BlockTypeDB  = 0x0A // DB, data block
	S7BlockTypeSDB = 0x0B // SDB, system data block
	S7BlockTypeFC  = 0x0C // FC, function
	S7BlockTypeSFC = 0x0D // SFC, system function
	S7BlockTypeFB  = 0x0E // FB, function block
	S7BlockTypeSFB = 0x0F // SFB, system function block
)

Block types for block services

// S7comm alarm type codes. Note that 0x03 is not assigned in this table.
const (
	S7AlarmTypeScan      = 0x01 // scan alarm
	S7AlarmTypeAlarm8    = 0x02 // Alarm_8
	S7AlarmTypeAlarm8P   = 0x04 // Alarm_8P
	S7AlarmTypeNotify    = 0x05 // Notify
	S7AlarmTypeAlarmS    = 0x06 // Alarm_S (SQ)
	S7AlarmTypeAlarmSQ   = 0x07 // Alarm_SQ
	S7AlarmTypeAlarm     = 0x08 // Alarm
	S7AlarmTypeAlarmAck  = 0x09 // alarm acknowledgement
	S7AlarmTypeAlarmLock = 0x0A // alarm lock
)

Alarm types

// S7comm variable specification types. Only the item specification is defined.
const (
	S7VarSpecTypeItem = 0x12 // specification of a single item
)

S7comm Variable Specification Types

Variables

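// Decoder is the stream decoder registration for Siemens S7comm. It bundles
// protocol identification (CanDecode), the per-stream reader (Factory) and the
// lifecycle of the package logger (PostInit/DeInit).
var Decoder = &decoder.StreamDecoder{
	Type:        types.Type_NC_S7Comm,
	Name:        serviceS7Comm,
	Description: "Siemens S7 Communication Protocol for ICS/SCADA PLC communication",

	// PostInit creates the package logger from the decoder configuration
	// (output location and debug flag). The second value returned by
	// InitZapLogger is discarded here.
	PostInit: func(d *decoder.StreamDecoder) error {
		var err error
		s7commLog, _, err = logging.InitZapLogger(
			decoderconfig.Instance.Out,
			"s7comm",
			decoderconfig.Instance.Debug,
		)
		return err
	},

	// CanDecode claims a stream when the bytes of either direction pass
	// canDecodeS7Comm (defined elsewhere in the package). Only payload bytes
	// are consulted here, so the strictness of that helper decides how many
	// unrelated streams are mislabelled as S7comm.
	CanDecode: func(client, server []byte) bool {
		return canDecodeS7Comm(client) || canDecodeS7Comm(server)
	},

	// DeInit calls Sync on the package logger at shutdown.
	DeInit: func(sd *decoder.StreamDecoder) error {
		// The logger is unset if PostInit never ran and may be nil if it
		// failed; guard so that shutdown does not dereference a nil logger.
		// NOTE(review): assumes s7commLog is a pointer type (e.g. *zap.Logger) - confirm.
		if s7commLog == nil {
			return nil
		}
		return s7commLog.Sync()
	},
	Factory: &s7commReader{},
	Typ:     core.TCP,
}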

Decoder for protocol analysis and writing audit records to disk.

Functions

This section is empty.

Types

This section is empty.
