-
Notifications
You must be signed in to change notification settings - Fork 19
/
packet-s7comm.c
3958 lines (3686 loc) · 207 KB
/
packet-s7comm.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
/* packet-s7comm.c
*
* Author: Thomas Wiens, 2014 (th.wiens@gmx.de)
* Description: Wireshark dissector for S7-Communication
*
* Wireshark - Network traffic analyzer
* By Gerald Combs <gerald@wireshark.org>
* Copyright 1998 Gerald Combs
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#include "config.h"
#include <glib.h>
#include <epan/packet.h>
#include "packet-s7comm.h"
#include "packet-s7comm_szl_ids.h"
#define PROTO_TAG_S7COMM "S7COMM"
/* Min. telegram length for heuristic check */
#define S7COMM_MIN_TELEGRAM_LENGTH 10
/* Protocol identifier */
#define S7COMM_PROT_ID 0x32
/* Wireshark ID of the S7COMM protocol */
static int proto_s7comm = -1;
/* Forward declarations */
void proto_reg_handoff_s7comm(void);
void proto_register_s7comm (void);
/* this is needed when its compiled as plugin.
* When compiled as internal dissector, tfs_yes_no can be used instead of this.
*/
static const true_false_string s7comm_tfs_yes_no = {
"Yes",
"No"
};
/**************************************************************************
* Function call tree of the dissect process
dissect_s7comm()
+
+-------s7comm_decode_req_resp()
+ + +
+ response request
+ + +
+ + +------ s7comm_decode_param_item()
+ + + s7comm_decode_response_read_data()
+ + +
+ + +------ s7comm_decode_pdu_setup_communication()
+ + +------ s7comm_decode_plc_controls_param_hex1x()
+ + +------ s7comm_decode_plc_controls_param_hex28()
+ + +------ s7comm_decode_plc_controls_param_hex29()
+ +
+ +------ s7comm_decode_response_read_data()
+ +------ s7comm_decode_response_write_data()
+ +------ s7comm_decode_pdu_setup_communication()
+
+
+-------s7comm_decode_ud()
+
+------ s7comm_decode_ud_prog_subfunc()
+ +
+ +------- s7comm_decode_ud_prog_vartab_req_item()
+ +------- s7comm_decode_ud_prog_vartab_res_item()
+ +------- s7comm_decode_ud_prog_reqdiagdata()
+
+------ s7comm_decode_ud_cyclic_subfunc()
+ +
+ +------- s7comm_decode_param_item()
+ +------- s7comm_decode_response_read_data()
+
+------ s7comm_decode_ud_block_subfunc()
+------ s7comm_decode_ud_szl_subfunc()
+ +
+ +------- s7comm_decode_szl_id_XXXX_idx_XXXX()
+
+------ s7comm_decode_ud_security_subfunc()
+------ s7comm_decode_ud_time_subfunc()
**************************************************************************/
/**************************************************************************
* PDU types
*/
#define S7COMM_ROSCTR_JOB 0x01
#define S7COMM_ROSCTR_ACK 0x02
#define S7COMM_ROSCTR_ACK_DATA 0x03
#define S7COMM_ROSCTR_USERDATA 0x07
static const value_string rosctr_names[] = {
{ S7COMM_ROSCTR_JOB, "Job" }, /* Request: job with acknowledgement */
{ S7COMM_ROSCTR_ACK, "Ack" }, /* acknowledgement without additional field */
{ S7COMM_ROSCTR_ACK_DATA, "Ack_Data" }, /* Response: acknowledgement with additional field */
{ S7COMM_ROSCTR_USERDATA, "Userdata" },
{ 0, NULL }
};
/**************************************************************************
* Error classes in header
*/
#define S7COMM_ERRCLS_NONE 0x00
#define S7COMM_ERRCLS_APPREL 0x81
#define S7COMM_ERRCLS_OBJDEF 0x82
#define S7COMM_ERRCLS_RESSOURCE 0x83
#define S7COMM_ERRCLS_SERVICE 0x84
#define S7COMM_ERRCLS_SUPPLIES 0x85
#define S7COMM_ERRCLS_ACCESS 0x87
static const value_string errcls_names[] = {
{ S7COMM_ERRCLS_NONE, "No error" },
{ S7COMM_ERRCLS_APPREL, "Application relationship" },
{ S7COMM_ERRCLS_OBJDEF, "Object definition" },
{ S7COMM_ERRCLS_RESSOURCE, "No ressources available" },
{ S7COMM_ERRCLS_SERVICE, "Error on service processing" },
{ S7COMM_ERRCLS_SUPPLIES, "Error on supplies" },
{ S7COMM_ERRCLS_ACCESS, "Access error" },
{ 0, NULL }
};
/**************************************************************************
* Error code in parameter part
*/
#define S7COMM_PERRCOD_NO_ERROR 0x0000
#define S7COMM_PERRCOD_INVALID_BLOCK_TYPE_NUM 0x0110
#define S7COMM_PERRCOD_INVALID_PARAM 0x0112
#define S7COMM_PERRCOD_PG_RESOURCE_ERROR 0x011A
#define S7COMM_PERRCOD_PLC_RESOURCE_ERROR 0x011B
#define S7COMM_PERRCOD_PROTOCOL_ERROR 0x011C
#define S7COMM_PERRCOD_USER_BUFFER_TOO_SHORT 0x011F
#define S7COMM_PERRCOD_REQ_INI_ERR 0x0141
#define S7COMM_PERRCOD_VERSION_MISMATCH 0x01C0
#define S7COMM_PERRCOD_NOT_IMPLEMENTED 0x01F0
#define S7COMM_PERRCOD_L7_INVALID_CPU_STATE 0x8001
#define S7COMM_PERRCOD_L7_PDU_SIZE_ERR 0x8500
#define S7COMM_PERRCOD_L7_INVALID_SZL_ID 0xD401
#define S7COMM_PERRCOD_L7_INVALID_INDEX 0xD402
#define S7COMM_PERRCOD_L7_DGS_CONN_ALREADY_ANNOU 0xD403
#define S7COMM_PERRCOD_L7_MAX_USER_NB 0xD404
#define S7COMM_PERRCOD_L7_DGS_FKT_PAR_SYNTAX_ERR 0xD405
#define S7COMM_PERRCOD_L7_NO_INFO 0xD406
#define S7COMM_PERRCOD_L7_PRT_FKT_PAR_SYNTAX_ERR 0xD601
#define S7COMM_PERRCOD_L7_INVALID_VAR_ADDR 0xD801
#define S7COMM_PERRCOD_L7_UNKNOWN_REQ 0xD802
#define S7COMM_PERRCOD_L7_INVALID_REQ_STATUS 0xD803
static const value_string param_errcode_names[] = {
{ S7COMM_PERRCOD_NO_ERROR, "No error" },
{ S7COMM_PERRCOD_INVALID_BLOCK_TYPE_NUM, "Invalid block type number" },
{ S7COMM_PERRCOD_INVALID_PARAM, "Invalid parameter" },
{ S7COMM_PERRCOD_PG_RESOURCE_ERROR, "PG ressource error" },
{ S7COMM_PERRCOD_PLC_RESOURCE_ERROR, "PLC ressource error" },
{ S7COMM_PERRCOD_PROTOCOL_ERROR, "Protocol error" },
{ S7COMM_PERRCOD_USER_BUFFER_TOO_SHORT, "User buffer too short" },
{ S7COMM_PERRCOD_REQ_INI_ERR, "Request error" },
{ S7COMM_PERRCOD_VERSION_MISMATCH, "Version mismatch" },
{ S7COMM_PERRCOD_NOT_IMPLEMENTED, "Not implemented" },
{ S7COMM_PERRCOD_L7_INVALID_CPU_STATE, "L7 invalid CPU state" },
{ S7COMM_PERRCOD_L7_PDU_SIZE_ERR, "L7 PDU size error" },
{ S7COMM_PERRCOD_L7_INVALID_SZL_ID, "L7 invalid SZL ID" },
{ S7COMM_PERRCOD_L7_INVALID_INDEX, "L7 invalid index" },
{ S7COMM_PERRCOD_L7_DGS_CONN_ALREADY_ANNOU, "L7 DGS Connection already announced" },
{ S7COMM_PERRCOD_L7_MAX_USER_NB, "L7 Max user NB" },
{ S7COMM_PERRCOD_L7_DGS_FKT_PAR_SYNTAX_ERR, "L7 DGS function parameter syntax error" },
{ S7COMM_PERRCOD_L7_NO_INFO, "L7 no info" },
{ S7COMM_PERRCOD_L7_PRT_FKT_PAR_SYNTAX_ERR, "L7 PRT function parameter syntax error" },
{ S7COMM_PERRCOD_L7_INVALID_VAR_ADDR, "L7 invalid variable address" },
{ S7COMM_PERRCOD_L7_UNKNOWN_REQ, "L7 unknown request" },
{ S7COMM_PERRCOD_L7_INVALID_REQ_STATUS, "L7 invalid request status" },
{ 0, NULL }
};
/**************************************************************************
* Function codes in parameter part
*/
#define S7COMM_SERV_CPU 0x00
#define S7COMM_SERV_SETUPCOMM 0xF0
#define S7COMM_SERV_READVAR 0x04
#define S7COMM_SERV_WRITEVAR 0x05
#define S7COMM_FUNCREQUESTDOWNLOAD 0x1A
#define S7COMM_FUNCDOWNLOADBLOCK 0x1B
#define S7COMM_FUNCDOWNLOADENDED 0x1C
#define S7COMM_FUNCSTARTUPLOAD 0x1D
#define S7COMM_FUNCUPLOAD 0x1E
#define S7COMM_FUNCENDUPLOAD 0x1F
#define S7COMM_FUNC_PLC_CONTROL 0x28
#define S7COMM_FUNC_PLC_STOP 0x29
static const value_string param_functionnames[] = {
{ S7COMM_SERV_CPU, "CPU services" },
{ S7COMM_SERV_SETUPCOMM, "Setup communication" },
{ S7COMM_SERV_READVAR, "Read Var" },
{ S7COMM_SERV_WRITEVAR, "Write Var" },
/* Block management services */
{ S7COMM_FUNCREQUESTDOWNLOAD, "Request download" },
{ S7COMM_FUNCDOWNLOADBLOCK, "Download block" },
{ S7COMM_FUNCDOWNLOADENDED, "Download ended" },
{ S7COMM_FUNCSTARTUPLOAD, "Start upload" },
{ S7COMM_FUNCUPLOAD, "Upload" },
{ S7COMM_FUNCENDUPLOAD, "End upload" },
{ S7COMM_FUNC_PLC_CONTROL, "PLC Control" },
{ S7COMM_FUNC_PLC_STOP, "PLC Stop" },
{ 0, NULL }
};
/**************************************************************************
* Area names
*/
#define S7COMM_AREA_SYSINFO 0x03 /* System info of 200 family */
#define S7COMM_AREA_SYSFLAGS 0x05 /* System flags of 200 family */
#define S7COMM_AREA_ANAIN 0x06 /* analog inputs of 200 family */
#define S7COMM_AREA_ANAOUT 0x07 /* analog outputs of 200 family */
#define S7COMM_AREA_P 0x80 /* direct peripheral access */
#define S7COMM_AREA_INPUTS 0x81
#define S7COMM_AREA_OUTPUTS 0x82
#define S7COMM_AREA_FLAGS 0x83
#define S7COMM_AREA_DB 0x84 /* data blocks */
#define S7COMM_AREA_DI 0x85 /* instance data blocks */
#define S7COMM_AREA_LOCAL 0x86 /* local data (should not be accessible over network) */
#define S7COMM_AREA_V 0x87 /* previous (Vorgaenger) local data (should not be accessible over network) */
#define S7COMM_AREA_COUNTER 28 /* S7 counters */
#define S7COMM_AREA_TIMER 29 /* S7 timers */
#define S7COMM_AREA_COUNTER200 30 /* IEC counters (200 family) */
#define S7COMM_AREA_TIMER200 31 /* IEC timers (200 family) */
static const value_string item_areanames[] = {
{ S7COMM_AREA_SYSINFO, "System info of 200 family" },
{ S7COMM_AREA_SYSFLAGS, "System flags of 200 family" },
{ S7COMM_AREA_ANAIN, "Analog inputs of 200 family" },
{ S7COMM_AREA_ANAOUT, "Analog outputs of 200 family" },
{ S7COMM_AREA_P, "Direct peripheral access (P)" },
{ S7COMM_AREA_INPUTS, "Inputs (I)" },
{ S7COMM_AREA_OUTPUTS, "Outputs (Q)" },
{ S7COMM_AREA_FLAGS, "Flags (M)" },
{ S7COMM_AREA_DB, "Data blocks (DB)" },
{ S7COMM_AREA_DI, "Instance data blocks (DI)" },
{ S7COMM_AREA_LOCAL, "Local data (L)" },
{ S7COMM_AREA_V, "Unknown yet (V)" },
{ S7COMM_AREA_COUNTER, "S7 counters (C)" },
{ S7COMM_AREA_TIMER, "S7 timers (T)" },
{ S7COMM_AREA_COUNTER200, "IEC counters (200 family)" },
{ S7COMM_AREA_TIMER200, "IEC timers (200 family)" },
{ 0, NULL }
};
/**************************************************************************
* Transport sizes in item data
*/
/* types of 1 byte length */
#define S7COMM_TRANSPORT_SIZE_BIT 1
#define S7COMM_TRANSPORT_SIZE_BYTE 2
#define S7COMM_TRANSPORT_SIZE_CHAR 3
/* types of 2 bytes length */
#define S7COMM_TRANSPORT_SIZE_WORD 4
#define S7COMM_TRANSPORT_SIZE_INT 5
/* types of 4 bytes length */
#define S7COMM_TRANSPORT_SIZE_DWORD 6
#define S7COMM_TRANSPORT_SIZE_DINT 7
#define S7COMM_TRANSPORT_SIZE_REAL 8
/* Special types */
#define S7COMM_TRANSPORT_SIZE_DATE 9
#define S7COMM_TRANSPORT_SIZE_TOD 10
#define S7COMM_TRANSPORT_SIZE_TIME 11
#define S7COMM_TRANSPORT_SIZE_S5TIME 12
#define S7COMM_TRANSPORT_SIZE_DT 15
/* Timer or counter */
#define S7COMM_TRANSPORT_SIZE_COUNTER 28
#define S7COMM_TRANSPORT_SIZE_TIMER 29
#define S7COMM_TRANSPORT_SIZE_IEC_COUNTER 30
#define S7COMM_TRANSPORT_SIZE_IEC_TIMER 31
#define S7COMM_TRANSPORT_SIZE_HS_COUNTER 32
static const value_string item_transportsizenames[] = {
{ S7COMM_TRANSPORT_SIZE_BIT, "BIT" },
{ S7COMM_TRANSPORT_SIZE_BYTE, "BYTE" },
{ S7COMM_TRANSPORT_SIZE_CHAR, "CHAR" },
{ S7COMM_TRANSPORT_SIZE_WORD, "WORD" },
{ S7COMM_TRANSPORT_SIZE_INT, "INT" },
{ S7COMM_TRANSPORT_SIZE_DWORD, "DWORD" },
{ S7COMM_TRANSPORT_SIZE_DINT, "DINT" },
{ S7COMM_TRANSPORT_SIZE_REAL, "REAL" },
{ S7COMM_TRANSPORT_SIZE_TOD, "TOD" },
{ S7COMM_TRANSPORT_SIZE_TIME, "TIME" },
{ S7COMM_TRANSPORT_SIZE_S5TIME, "S5TIME" },
{ S7COMM_TRANSPORT_SIZE_DT, "DATE_AND_TIME" },
{ S7COMM_TRANSPORT_SIZE_COUNTER, "COUNTER" },
{ S7COMM_TRANSPORT_SIZE_TIMER, "TIMER" },
{ S7COMM_TRANSPORT_SIZE_IEC_COUNTER, "IEC TIMER" },
{ S7COMM_TRANSPORT_SIZE_IEC_TIMER, "IEC COUNTER" },
{ S7COMM_TRANSPORT_SIZE_HS_COUNTER, "HS COUNTER" },
{ 0, NULL }
};
/**************************************************************************
* Syntax Ids of variable specification
*/
#define S7COMM_SYNTAXID_S7ANY 0x10 /* Address data S7-Any pointer-like DB1.DBX10.2 */
#define S7COMM_SYNTAXID_PBC_ID 0x13 /* R_ID for PBC */
#define S7COMM_SYNTAXID_ALARM_MESSAGE 0x16 /* Alarm Message */
#define S7COMM_SYNTAXID_ALARM_ACKMESSAGE 0x19 /* Alarm Acknowledge Message */
#define S7COMM_SYNTAXID_DRIVEESANY 0xa2 /* seen on Drive ES Starter with routing over S7 */
#define S7COMM_SYNTAXID_1200SYM 0xb2 /* Symbolic address mode of S7-1200 */
#define S7COMM_SYNTAXID_DBREAD 0xb0 /* Kind of DB block read, seen only at an S7-400 */
#define S7COMM_SYNTAXID_NCK 0x82 /* Sinumerik NCK HMI access */
static const value_string item_syntaxid_names[] = {
{ S7COMM_SYNTAXID_S7ANY, "S7ANY" },
{ S7COMM_SYNTAXID_PBC_ID, "PBC-R_ID" },
{ S7COMM_SYNTAXID_ALARM_MESSAGE, "ALARM_MSG" },
{ S7COMM_SYNTAXID_ALARM_ACKMESSAGE, "ALARM_ACK_MSG" },
{ S7COMM_SYNTAXID_DRIVEESANY, "DRIVEESANY" },
{ S7COMM_SYNTAXID_1200SYM, "1200SYM" },
{ S7COMM_SYNTAXID_DBREAD, "DBREAD" },
{ S7COMM_SYNTAXID_NCK, "NCK" },
{ 0, NULL }
};
/**************************************************************************
* Transport sizes in data
*/
#define S7COMM_DATA_TRANSPORT_SIZE_NULL 0
#define S7COMM_DATA_TRANSPORT_SIZE_BBIT 3 /* bit access, len is in bits */
#define S7COMM_DATA_TRANSPORT_SIZE_BBYTE 4 /* byte/word/dword acces, len is in bits */
#define S7COMM_DATA_TRANSPORT_SIZE_BINT 5 /* integer access, len is in bits */
#define S7COMM_DATA_TRANSPORT_SIZE_BDINT 6 /* integer access, len is in bytes */
#define S7COMM_DATA_TRANSPORT_SIZE_BREAL 7 /* real access, len is in bytes */
#define S7COMM_DATA_TRANSPORT_SIZE_BSTR 9 /* octet string, len is in bytes */
static const value_string data_transportsizenames[] = {
{ S7COMM_DATA_TRANSPORT_SIZE_NULL, "NULL" },
{ S7COMM_DATA_TRANSPORT_SIZE_BBIT, "BIT" },
{ S7COMM_DATA_TRANSPORT_SIZE_BBYTE, "BYTE/WORD/DWORD" },
{ S7COMM_DATA_TRANSPORT_SIZE_BINT, "INTEGER" },
{ S7COMM_DATA_TRANSPORT_SIZE_BDINT, "DINTEGER" },
{ S7COMM_DATA_TRANSPORT_SIZE_BREAL, "REAL" },
{ S7COMM_DATA_TRANSPORT_SIZE_BSTR, "OCTET STRING" },
{ 0, NULL }
};
/**************************************************************************
* Returnvalues of an item response
*/
const value_string s7comm_item_return_valuenames[] = {
{ S7COMM_ITEM_RETVAL_RESERVED, "Reserved" },
{ S7COMM_ITEM_RETVAL_DATA_HW_FAULT, "Hardware error" },
{ S7COMM_ITEM_RETVAL_DATA_ACCESS_FAULT, "Accessing the object not allowed" },
{ S7COMM_ITEM_RETVAL_DATA_OUTOFRANGE, "Invalid address" },
{ S7COMM_ITEM_RETVAL_DATA_NOT_SUP, "Data type not supported" },
{ S7COMM_ITEM_RETVAL_DATA_SIZEMISMATCH, "Data type inconsistent" },
{ S7COMM_ITEM_RETVAL_DATA_ERR, "Object does not exist" },
{ S7COMM_ITEM_RETVAL_DATA_OK, "Success" },
{ 0, NULL }
};
/**************************************************************************
* Block Types
*/
#define S7COMM_BLOCKTYPE_OB '8'
#define S7COMM_BLOCKTYPE_DB 'A'
#define S7COMM_BLOCKTYPE_SDB 'B'
#define S7COMM_BLOCKTYPE_FC 'C'
#define S7COMM_BLOCKTYPE_SFC 'D'
#define S7COMM_BLOCKTYPE_FB 'E'
#define S7COMM_BLOCKTYPE_SFB 'F'
static const value_string blocktype_names[] = {
{ S7COMM_BLOCKTYPE_OB, "OB" },
{ S7COMM_BLOCKTYPE_DB, "DB" },
{ S7COMM_BLOCKTYPE_SDB, "SDB" },
{ S7COMM_BLOCKTYPE_FC, "FC" },
{ S7COMM_BLOCKTYPE_SFC, "SFC" },
{ S7COMM_BLOCKTYPE_FB, "FB" },
{ S7COMM_BLOCKTYPE_SFB, "SFB" },
{ 0, NULL }
};
/**************************************************************************
* Subblk types
*/
#define S7COMM_SUBBLKTYPE_OB 0x08
#define S7COMM_SUBBLKTYPE_DB 0x0a
#define S7COMM_SUBBLKTYPE_SDB 0x0b
#define S7COMM_SUBBLKTYPE_FC 0x0c
#define S7COMM_SUBBLKTYPE_SFC 0x0d
#define S7COMM_SUBBLKTYPE_FB 0x0e
#define S7COMM_SUBBLKTYPE_SFB 0x0f
static const value_string subblktype_names[] = {
{ S7COMM_SUBBLKTYPE_OB, "OB" },
{ S7COMM_SUBBLKTYPE_DB, "DB" },
{ S7COMM_SUBBLKTYPE_SDB, "SDB" },
{ S7COMM_SUBBLKTYPE_FC, "FC" },
{ S7COMM_SUBBLKTYPE_SFC, "SFC" },
{ S7COMM_SUBBLKTYPE_FB, "FB" },
{ S7COMM_SUBBLKTYPE_SFB, "SFB" },
{ 0, NULL }
};
/**************************************************************************
* Block security
*/
#define S7COMM_BLOCKSECURITY_OFF 0
#define S7COMM_BLOCKSECURITY_KNOWHOWPROTECT 3
static const value_string blocksecurity_names[] = {
{ S7COMM_BLOCKSECURITY_OFF, "None" },
{ S7COMM_BLOCKSECURITY_KNOWHOWPROTECT, "Know How Protect" },
{ 0, NULL }
};
/**************************************************************************
* Block Languages
*/
static const value_string blocklanguage_names[] = {
{ 0x00, "Not defined" },
{ 0x01, "AWL" },
{ 0x02, "KOP" },
{ 0x03, "FUP" },
{ 0x04, "SCL" },
{ 0x05, "DB" },
{ 0x06, "GRAPH" },
{ 0x07, "SDB" },
{ 0x08, "CPU-DB" }, /* DB was created from Plc programm (CREAT_DB) */
{ 0x11, "SDB (after overall reset)" }, /* another SDB, don't know what it means, in SDB 1 and SDB 2, uncertain*/
{ 0x12, "SDB (Routing)" }, /* another SDB, in SDB 999 and SDB 1000 (routing information), uncertain */
{ 0x29, "ENCRYPT" }, /* block is encrypted with S7-Block-Privacy */
{ 0, NULL }
};
/**************************************************************************
* Names of types in userdata parameter part
*/
static const value_string userdata_type_names[] = {
{ S7COMM_UD_TYPE_PUSH, "Push" }, /* this type occurs when 2 telegrams follow after another from the same partner, or initiated from PLC */
{ S7COMM_UD_TYPE_REQ, "Request" },
{ S7COMM_UD_TYPE_RES, "Response" },
{ 0, NULL }
};
/**************************************************************************
* Userdata Parameter, last data unit
*/
#define S7COMM_UD_LASTDATAUNIT_YES 0x00
#define S7COMM_UD_LASTDATAUNIT_NO 0x01
static const value_string userdata_lastdataunit_names[] = {
{ S7COMM_UD_LASTDATAUNIT_YES, "Yes" },
{ S7COMM_UD_LASTDATAUNIT_NO, "No" },
{ 0, NULL }
};
/**************************************************************************
* Names of Function groups in userdata parameter part
*/
#define S7COMM_UD_FUNCGROUP_PROG 0x1
#define S7COMM_UD_FUNCGROUP_CYCLIC 0x2
#define S7COMM_UD_FUNCGROUP_BLOCK 0x3
#define S7COMM_UD_FUNCGROUP_CPU 0x4
#define S7COMM_UD_FUNCGROUP_SEC 0x5 /* Security funnctions e.g. plc password */
#define S7COMM_UD_FUNCGROUP_PBC 0x6 /* PBC = Programmable Block Communication (PBK in german) */
#define S7COMM_UD_FUNCGROUP_TIME 0x7
static const value_string userdata_functiongroup_names[] = {
{ S7COMM_UD_FUNCGROUP_PROG, "Programmer commands" },
{ S7COMM_UD_FUNCGROUP_CYCLIC, "Cyclic data" }, /* to read data from plc without a request */
{ S7COMM_UD_FUNCGROUP_BLOCK, "Block functions" },
{ S7COMM_UD_FUNCGROUP_CPU, "CPU functions" },
{ S7COMM_UD_FUNCGROUP_SEC, "Security" },
{ S7COMM_UD_FUNCGROUP_PBC, "PBC BSEND/BRECV" },
{ S7COMM_UD_FUNCGROUP_TIME, "Time functions" },
{ 0, NULL }
};
/**************************************************************************
* Vartab: Typ of data in data part, first two bytes
*/
#define S7COMM_UD_SUBF_PROG_VARTAB_TYPE_REQ 0x14
#define S7COMM_UD_SUBF_PROG_VARTAB_TYPE_RES 0x04
static const value_string userdata_prog_vartab_type_names[] = {
{ S7COMM_UD_SUBF_PROG_VARTAB_TYPE_REQ, "Request" }, /* Request of data areas */
{ S7COMM_UD_SUBF_PROG_VARTAB_TYPE_RES, "Response" }, /* Response from plc with data */
{ 0, NULL }
};
/**************************************************************************
* Vartab: area of data request
*
* Low Hi
* 0=M 1=BYTE
* 1=E 2=WORD
* 2=A 3=DWORD
* 3=PEx
* 7=DB
* 54=TIMER
* 64=COUNTER
*/
#define S7COMM_UD_SUBF_PROG_VARTAB_AREA_MB 0x01
#define S7COMM_UD_SUBF_PROG_VARTAB_AREA_MW 0x02
#define S7COMM_UD_SUBF_PROG_VARTAB_AREA_MD 0x03
#define S7COMM_UD_SUBF_PROG_VARTAB_AREA_EB 0x11
#define S7COMM_UD_SUBF_PROG_VARTAB_AREA_EW 0x12
#define S7COMM_UD_SUBF_PROG_VARTAB_AREA_ED 0x13
#define S7COMM_UD_SUBF_PROG_VARTAB_AREA_AB 0x21
#define S7COMM_UD_SUBF_PROG_VARTAB_AREA_AW 0x22
#define S7COMM_UD_SUBF_PROG_VARTAB_AREA_AD 0x23
#define S7COMM_UD_SUBF_PROG_VARTAB_AREA_PEB 0x31
#define S7COMM_UD_SUBF_PROG_VARTAB_AREA_PEW 0x32
#define S7COMM_UD_SUBF_PROG_VARTAB_AREA_PED 0x33
#define S7COMM_UD_SUBF_PROG_VARTAB_AREA_DBB 0x71
#define S7COMM_UD_SUBF_PROG_VARTAB_AREA_DBW 0x72
#define S7COMM_UD_SUBF_PROG_VARTAB_AREA_DBD 0x73
#define S7COMM_UD_SUBF_PROG_VARTAB_AREA_T 0x54
#define S7COMM_UD_SUBF_PROG_VARTAB_AREA_C 0x64
static const value_string userdata_prog_vartab_area_names[] = {
{ S7COMM_UD_SUBF_PROG_VARTAB_AREA_MB, "MB" },
{ S7COMM_UD_SUBF_PROG_VARTAB_AREA_MW, "MW" },
{ S7COMM_UD_SUBF_PROG_VARTAB_AREA_MD, "MD" },
{ S7COMM_UD_SUBF_PROG_VARTAB_AREA_EB, "IB" },
{ S7COMM_UD_SUBF_PROG_VARTAB_AREA_EW, "IW" },
{ S7COMM_UD_SUBF_PROG_VARTAB_AREA_ED, "ID" },
{ S7COMM_UD_SUBF_PROG_VARTAB_AREA_AB, "QB" },
{ S7COMM_UD_SUBF_PROG_VARTAB_AREA_AW, "QW" },
{ S7COMM_UD_SUBF_PROG_VARTAB_AREA_AD, "QD" },
{ S7COMM_UD_SUBF_PROG_VARTAB_AREA_PEB, "PIB" },
{ S7COMM_UD_SUBF_PROG_VARTAB_AREA_PEW, "PIW" },
{ S7COMM_UD_SUBF_PROG_VARTAB_AREA_PED, "PID" },
{ S7COMM_UD_SUBF_PROG_VARTAB_AREA_DBB, "DBB" },
{ S7COMM_UD_SUBF_PROG_VARTAB_AREA_DBW, "DBW" },
{ S7COMM_UD_SUBF_PROG_VARTAB_AREA_DBD, "DBD" },
{ S7COMM_UD_SUBF_PROG_VARTAB_AREA_T, "TIMER" },
{ S7COMM_UD_SUBF_PROG_VARTAB_AREA_C, "COUNTER" },
{ 0, NULL }
};
/**************************************************************************
* Names of userdata subfunctions in group 1 (Programmer commands)
*/
#define S7COMM_UD_SUBF_PROG_REQDIAGDATA1 0x01
#define S7COMM_UD_SUBF_PROG_VARTAB1 0x02
#define S7COMM_UD_SUBF_PROG_ERASE 0x0c
#define S7COMM_UD_SUBF_PROG_READDIAGDATA 0x0e
#define S7COMM_UD_SUBF_PROG_REMOVEDIAGDATA 0x0f
#define S7COMM_UD_SUBF_PROG_FORCE 0x10
#define S7COMM_UD_SUBF_PROG_REQDIAGDATA2 0x13
static const value_string userdata_prog_subfunc_names[] = {
{ S7COMM_UD_SUBF_PROG_REQDIAGDATA1, "Request diag data (Type 1)" }, /* Start online block view */
{ S7COMM_UD_SUBF_PROG_VARTAB1, "VarTab" }, /* Variable table */
{ S7COMM_UD_SUBF_PROG_READDIAGDATA, "Read diag data" }, /* online block view */
{ S7COMM_UD_SUBF_PROG_REMOVEDIAGDATA, "Remove diag data" }, /* Stop online block view */
{ S7COMM_UD_SUBF_PROG_ERASE, "Erase" },
{ S7COMM_UD_SUBF_PROG_FORCE, "Forces" },
{ S7COMM_UD_SUBF_PROG_REQDIAGDATA2, "Request diag data (Type 2)" }, /* Start online block view */
{ 0, NULL }
};
/**************************************************************************
* Names of userdata subfunctions in group 2 (cyclic data)
*/
#define S7COMM_UD_SUBF_CYCLIC_MEM 0x01
#define S7COMM_UD_SUBF_CYCLIC_UNSUBSCRIBE 0x04
static const value_string userdata_cyclic_subfunc_names[] = {
{ S7COMM_UD_SUBF_CYCLIC_MEM, "Memory" }, /* read data from memory (DB/M/etc.) */
{ S7COMM_UD_SUBF_CYCLIC_UNSUBSCRIBE, "Unsubscribe" }, /* Unsubcribe (disable) cyclic data */
{ 0, NULL }
};
/**************************************************************************
* Names of userdata subfunctions in group 3 (Block functions)
*/
#define S7COMM_UD_SUBF_BLOCK_LIST 0x01
#define S7COMM_UD_SUBF_BLOCK_LISTTYPE 0x02
#define S7COMM_UD_SUBF_BLOCK_BLOCKINFO 0x03
static const value_string userdata_block_subfunc_names[] = {
{ S7COMM_UD_SUBF_BLOCK_LIST, "List blocks" },
{ S7COMM_UD_SUBF_BLOCK_LISTTYPE, "List blocks of type" },
{ S7COMM_UD_SUBF_BLOCK_BLOCKINFO, "Get block info" },
{ 0, NULL }
};
/**************************************************************************
* Names of userdata subfunctions in group 4 (CPU functions)
*/
static const value_string userdata_cpu_subfunc_names[] = {
{ S7COMM_UD_SUBF_CPU_READSZL, "Read SZL" },
{ S7COMM_UD_SUBF_CPU_MSGS, "Message service" }, /* Header constant is also different here */
{ S7COMM_UD_SUBF_CPU_TRANSSTOP, "Transition to STOP" }, /* PLC changed state to STOP */
{ S7COMM_UD_SUBF_CPU_ALARM8_IND, "ALARM_8 indication" }, /* PLC is indicating a ALARM message, using ALARM_8 SFBs */
{ S7COMM_UD_SUBF_CPU_NOTIFY_IND, "NOTIFY indication" }, /* PLC is indicating a NOTIFY message, using NOTIFY SFBs */
{ S7COMM_UD_SUBF_CPU_ALARMS_IND, "ALARM_S indication" }, /* PLC is indicating a ALARM message, using ALARM_S SFCs */
{ S7COMM_UD_SUBF_CPU_ALARMSQ_IND, "ALARM_SQ indication" }, /* PLC is indicating a ALARM message, using ALARM_SQ SFCs */
{ S7COMM_UD_SUBF_CPU_ALARMQUERY, "ALARM query" }, /* HMI/SCADA query of ALARMs */
{ S7COMM_UD_SUBF_CPU_ALARMACK, "ALARM ack" }, /* Alarm was acknowledged in HMI/SCADA */
{ S7COMM_UD_SUBF_CPU_ALARMACK_IND, "ALARM ack indication" }, /* Alarm acknowledge indication from CPU to HMI */
{ 0, NULL }
};
/**************************************************************************
* Names of userdata subfunctions in group 5 (Security?)
*/
#define S7COMM_UD_SUBF_SEC_PASSWD 0x01
static const value_string userdata_sec_subfunc_names[] = {
{ S7COMM_UD_SUBF_SEC_PASSWD, "PLC password" },
{ 0, NULL }
};
/**************************************************************************
* Names of userdata subfunctions in group 7 (Time functions)
*/
#define S7COMM_UD_SUBF_TIME_READ 0x01
#define S7COMM_UD_SUBF_TIME_SET 0x02
#define S7COMM_UD_SUBF_TIME_READF 0x03
#define S7COMM_UD_SUBF_TIME_SET2 0x04
static const value_string userdata_time_subfunc_names[] = {
{ S7COMM_UD_SUBF_TIME_READ, "Read clock" },
{ S7COMM_UD_SUBF_TIME_SET, "Set clock" },
{ S7COMM_UD_SUBF_TIME_READF, "Read clock (following)" },
{ S7COMM_UD_SUBF_TIME_SET2, "Set clock" },
{ 0, NULL }
};
/*******************************************************************************************************
* Weekday names in DATE_AND_TIME
*/
static const value_string weekdaynames[] = {
{ 0, "Undefined" },
{ 1, "Sunday" },
{ 2, "Monday" },
{ 3, "Tuesday" },
{ 4, "Wednesday" },
{ 5, "Thursday" },
{ 6, "Friday" },
{ 7, "Saturday" },
{ 0, NULL }
};
/**************************************************************************
**************************************************************************/
/**************************************************************************
* Flags for LID access
*/
#define S7COMM_TIA1200_VAR_ENCAPS_LID 0x2
#define S7COMM_TIA1200_VAR_ENCAPS_IDX 0x3
#define S7COMM_TIA1200_VAR_OBTAIN_LID 0x4
#define S7COMM_TIA1200_VAR_OBTAIN_IDX 0x5
#define S7COMM_TIA1200_VAR_PART_START 0x6
#define S7COMM_TIA1200_VAR_PART_LEN 0x7
static const value_string tia1200_var_lid_flag_names[] = {
{ S7COMM_TIA1200_VAR_ENCAPS_LID, "Encapsulated LID" },
{ S7COMM_TIA1200_VAR_ENCAPS_IDX, "Encapsulated Index" },
{ S7COMM_TIA1200_VAR_OBTAIN_LID, "Obtain by LID" },
{ S7COMM_TIA1200_VAR_OBTAIN_IDX, "Obtain by Index" },
{ S7COMM_TIA1200_VAR_PART_START, "Part Start Address" },
{ S7COMM_TIA1200_VAR_PART_LEN, "Part Length" },
{ 0, NULL }
};
/**************************************************************************
* TIA 1200 Area Names for variable access
*/
#define S7COMM_TIA1200_VAR_ITEM_AREA1_DB 0x8a0e /* Reading DB, 2 byte DB-Number following */
#define S7COMM_TIA1200_VAR_ITEM_AREA1_IQMCT 0x0000 /* Reading I/Q/M/C/T, 2 Byte detail area following */
static const value_string tia1200_var_item_area1_names[] = {
{ S7COMM_TIA1200_VAR_ITEM_AREA1_DB, "DB" },
{ S7COMM_TIA1200_VAR_ITEM_AREA1_IQMCT, "IQMCT" },
{ 0, NULL }
};
#define S7COMM_TIA1200_VAR_ITEM_AREA2_I 0x50
#define S7COMM_TIA1200_VAR_ITEM_AREA2_Q 0x51
#define S7COMM_TIA1200_VAR_ITEM_AREA2_M 0x52
#define S7COMM_TIA1200_VAR_ITEM_AREA2_C 0x53
#define S7COMM_TIA1200_VAR_ITEM_AREA2_T 0x54
static const value_string tia1200_var_item_area2_names[] = {
{ S7COMM_TIA1200_VAR_ITEM_AREA2_I, "Inputs (I)" },
{ S7COMM_TIA1200_VAR_ITEM_AREA2_Q, "Outputs (Q)" },
{ S7COMM_TIA1200_VAR_ITEM_AREA2_M, "Flags (M)" },
{ S7COMM_TIA1200_VAR_ITEM_AREA2_C, "Counter (C)" },
{ S7COMM_TIA1200_VAR_ITEM_AREA2_T, "Timer (T)" },
{ 0, NULL }
};
/**************************************************************************
* NCK areas
*/
#define S7COMM_NCK_AREA_N_NCK 0
#define S7COMM_NCK_AREA_B_MODEGROUP 1
#define S7COMM_NCK_AREA_C_CHANNEL 2
#define S7COMM_NCK_AREA_A_AXIS 3
#define S7COMM_NCK_AREA_T_TOOL 4
#define S7COMM_NCK_AREA_V_FEEDDRIVE 5
#define S7COMM_NCK_AREA_H_MAINDRIVE 6
#define S7COMM_NCK_AREA_M_MMC 7
static const value_string nck_area_names[] = {
{ S7COMM_NCK_AREA_N_NCK, "N - NCK" },
{ S7COMM_NCK_AREA_B_MODEGROUP, "B - Mode group" },
{ S7COMM_NCK_AREA_C_CHANNEL, "C - Channel" },
{ S7COMM_NCK_AREA_A_AXIS, "A - Axis" },
{ S7COMM_NCK_AREA_T_TOOL, "T - Tool" },
{ S7COMM_NCK_AREA_V_FEEDDRIVE, "V - Feed drive" },
{ S7COMM_NCK_AREA_H_MAINDRIVE, "M - Main drive" },
{ S7COMM_NCK_AREA_M_MMC, "M - MMC" },
{ 0, NULL }
};
static const value_string nck_module_names[] = {
{ 0x10, "Y - Global system data" },
{ 0x11, "YNCFL - NCK instruction groups" },
{ 0x12, "FU - NCU global settable frames" },
{ 0x13, "FA - Active NCU global frames" },
{ 0x14, "TO - Tool data" },
{ 0x15, "RP - Arithmetic parameters" },
{ 0x16, "SE - Setting data" },
{ 0x17, "SGUD - SGUD-Block" },
{ 0x18, "LUD - Local userdata" },
{ 0x19, "TC - Toolholder parameters" },
{ 0x1a, "M - Machine data" },
{ 0x1c, "WAL - Working area limitation" },
{ 0x1e, "DIAG - Internal diagnostic data" },
{ 0x1f, "CC - Unknown" },
{ 0x20, "FE - Channel-specific external frame" },
{ 0x21, "TD - Tool data: General data" },
{ 0x22, "TS - Tool edge data: Monitoring data" },
{ 0x23, "TG - Tool data: Grinding-specific data" },
{ 0x24, "TU - Tool data" },
{ 0x25, "TUE - Tool edge data, userdefined data" },
{ 0x26, "TV - Tool data, directory" },
{ 0x27, "TM - Magazine data: General data" },
{ 0x28, "TP - Magazine data: Location data" },
{ 0x29, "TPM - Magazine data: Multiple assignment of location data" },
{ 0x2a, "TT - Magazine data: Location typ" },
{ 0x2b, "TMV - Magazine data: Directory" },
{ 0x2c, "TMC - Magazine data: Configuration data" },
{ 0x2d, "MGUD - MGUD-Block" },
{ 0x2e, "UGUD - UGUD-Block" },
{ 0x2f, "GUD4 - GUD4-Block" },
{ 0x30, "GUD5 - GUD5-Block" },
{ 0x31, "GUD6 - GUD6-Block" },
{ 0x32, "GUD7 - GUD7-Block" },
{ 0x33, "GUD8 - GUD8-Block" },
{ 0x34, "GUD9 - GUD9-Block" },
{ 0x35, "PA - Channel-specific protection zones" },
{ 0x36, "GD1 - SGUD-Block GD1" },
{ 0x37, "NIB - State data: Nibbling" },
{ 0x38, "ETP - Types of events" },
{ 0x39, "ETPD - Data lists for protocolling" },
{ 0x3a, "SYNACT - Channel-specific synchronous actions" },
{ 0x3b, "DIAGN - Diagnostic data" },
{ 0x3c, "VSYN - Channel-specific user variables for synchronous actions" },
{ 0x3d, "TUS - Tool data: user monitoring data" },
{ 0x3e, "TUM - Tool data: user magazine data" },
{ 0x3f, "TUP - Tool data: user magatine place data" },
{ 0x40, "TF - Parametrizing, return parameters of _N_TMGETT, _N_TSEARC" },
{ 0x41, "FB - Channel-specific base frames" },
{ 0x42, "SSP2 - State data: Spindle" },
{ 0x43, "PUD - programmglobale Benutzerdaten" },
{ 0x44, "TOS - Edge-related location-dependent fine total offsets" },
{ 0x45, "TOST - Edge-related location-dependent fine total offsets, transformed" },
{ 0x46, "TOE - Edge-related coarse total offsets, setup offsets" },
{ 0x47, "TOET - Edge-related coarse total offsets, transformed setup offsets" },
{ 0x48, "AD - Adapter data" },
{ 0x49, "TOT - Edge data: Transformed offset data" },
{ 0x4a, "AEV - Working offsets: Directory" },
{ 0x4b, "YFAFL - NCK instruction groups (Fanuc)" },
{ 0x4c, "FS - System-Frame" },
{ 0x4d, "SD - Servo data" },
{ 0x4e, "TAD - Application-specific data" },
{ 0x4f, "TAO - Aplication-specific cutting edge data" },
{ 0x50, "TAS - Application-specific monitoring data" },
{ 0x51, "TAM - Application-specific magazine data" },
{ 0x52, "TAP - Application-specific magazine location data" },
{ 0x53, "MEM - Unknown" },
{ 0x54, "SALUC - Alarm actions: List in reverse chronological order" },
{ 0x55, "AUXFU - Auxiliary functions" },
{ 0x56, "TDC - Tool/Tools" },
{ 0x57, "CP - Generic coupling" },
{ 0x6e, "SDME - Unknown" },
{ 0x6f, "SPARPI - Program pointer on interruption" },
{ 0x70, "SEGA - State data: Geometry axes in tool offset memory (extended)" },
{ 0x71, "SEMA - State data: Machine axes (extended)" },
{ 0x72, "SSP - State data: Spindle" },
{ 0x73, "SGA - State data: Geometry axes in tool offset memory" },
{ 0x74, "SMA - State data: Machine axes" },
{ 0x75, "SALAL - Alarms: Liste organized according to time," },
{ 0x76, "SALAP - Alarms: List organized according to priority" },
{ 0x77, "SALA - Alarms: List organized according to time," },
{ 0x78, "SSYNAC - Synchronous actions" },
{ 0x79, "SPARPF - Program pointers for block search and stop run" },
{ 0x7a, "SPARPP - Program pointer in automatic operation" },
{ 0x7b, "SNCF - Active G functions" },
{ 0x7d, "SPARP - Part program information" },
{ 0x7e, "SINF - Part-program-specific status data" },
{ 0x7f, "S - State data" },
{ 0x80, "0x80 - Unknown" },
{ 0x81, "0x81 - Unknown" },
{ 0x82, "0x82 - Unknown" },
{ 0x83, "0x83 - Unknown" },
{ 0x84, "0x84 - Unknown" },
{ 0x85, "0x85 - Unknown" },
{ 0xfd, "0 - Internal" },
{ 0, NULL }
};
static value_string_ext nck_module_names_ext = VALUE_STRING_EXT_INIT(nck_module_names);
static gint hf_s7comm_tia1200_item_reserved1 = -1; /* 1 Byte Reserved (always 0xff?) */
static gint hf_s7comm_tia1200_item_area1 = -1; /* 2 Byte2 Root area (DB or IQMCT) */
static gint hf_s7comm_tia1200_item_area2 = -1; /* 2 Bytes detail area (I/Q/M/C/T) */
static gint hf_s7comm_tia1200_item_area2unknown = -1; /* 2 Bytes detail area for possible unknown or not seen areas */
static gint hf_s7comm_tia1200_item_dbnumber = -1; /* 2 Bytes DB number */
static gint hf_s7comm_tia1200_item_crc = -1; /* 4 Bytes CRC */
static gint hf_s7comm_tia1200_substructure_item = -1; /* Substructure */
static gint hf_s7comm_tia1200_var_lid_flags = -1; /* LID Flags */
static gint hf_s7comm_tia1200_item_value = -1;
/**************************************************************************
**************************************************************************/
/* Header Block */
static gint hf_s7comm_header = -1;
static gint hf_s7comm_header_protid = -1; /* Header Byte 0 */
static gint hf_s7comm_header_rosctr = -1; /* Header Bytes 1 */
static gint hf_s7comm_header_redid = -1; /* Header Bytes 2, 3 */
static gint hf_s7comm_header_pduref = -1; /* Header Bytes 4, 5 */
static gint hf_s7comm_header_parlg = -1; /* Header Bytes 6, 7 */
static gint hf_s7comm_header_datlg = -1; /* Header Bytes 8, 9 */
static gint hf_s7comm_header_errcls = -1; /* Header Byte 10, only available at type 2 or 3 */
static gint hf_s7comm_header_errcod = -1; /* Header Byte 11, only available at type 2 or 3 */
/* Parameter Block */
static gint hf_s7comm_param = -1;
static gint hf_s7comm_param_errcod = -1; /* Parameter part: Error code */
static gint hf_s7comm_param_service = -1; /* Parameter part: service */
static gint hf_s7comm_param_itemcount = -1; /* Parameter part: item count */
static gint hf_s7comm_param_data = -1; /* Parameter part: data */
static gint hf_s7comm_param_neg_pdu_length = -1; /* Parameter part: Negotiate PDU length */
static gint hf_s7comm_param_setup_reserved1 = -1; /* Parameter part: Reserved byte in communication setup pdu*/
static gint hf_s7comm_param_maxamq_calling = -1; /* Parameter part: Max AmQ calling */
static gint hf_s7comm_param_maxamq_called = -1; /* Parameter part: Max AmQ called */
/* Item data */
static gint hf_s7comm_param_item = -1;
static gint hf_s7comm_param_subitem = -1; /* Substructure */
static gint hf_s7comm_item_varspec = -1; /* Variable specification */
static gint hf_s7comm_item_varspec_length = -1; /* Length of following address specification */
static gint hf_s7comm_item_syntax_id = -1; /* Syntax Id */
static gint hf_s7comm_item_transport_size = -1; /* Transport size, 1 Byte*/
static gint hf_s7comm_item_length = -1; /* length, 2 Bytes*/
static gint hf_s7comm_item_db = -1; /* DB/M/E/A, 2 Bytes */
static gint hf_s7comm_item_area = -1; /* Area code, 1 byte */
static gint hf_s7comm_item_address = -1; /* Bit address, 3 Bytes */
static gint hf_s7comm_item_address_byte = -1; /* address: Byte address */
static gint hf_s7comm_item_address_bit = -1; /* address: Bit address */
static gint hf_s7comm_item_address_nr = -1; /* address: Timer/Counter/block number */
/* Special variable read with Syntax-Id 0xb0 (DBREAD) */
static gint hf_s7comm_item_dbread_numareas = -1; /* Number of areas following, 1 Byte*/
static gint hf_s7comm_item_dbread_length = -1; /* length, 1 Byte*/
static gint hf_s7comm_item_dbread_db = -1; /* DB number, 2 Bytes*/
static gint hf_s7comm_item_dbread_startadr = -1; /* Start address, 2 Bytes*/
/* NCK access with Syntax-Id 0x82 */
static gint hf_s7comm_item_nck_areaunit = -1; /* Bitmask: aaauuuuu: a=area, u=unit */
static gint hf_s7comm_item_nck_area = -1;
static gint hf_s7comm_item_nck_unit = -1;
static gint hf_s7comm_item_nck_column = -1;
static gint hf_s7comm_item_nck_line = -1;
static gint hf_s7comm_item_nck_module = -1;
static gint hf_s7comm_item_nck_linecount = -1;
static gint hf_s7comm_data = -1;
static gint hf_s7comm_data_returncode = -1; /* return code, 1 byte */
static gint hf_s7comm_data_transport_size = -1; /* transport size 1 byte */
static gint hf_s7comm_data_length = -1; /* Length of data, 2 Bytes */
static gint hf_s7comm_data_item = -1;
static gint hf_s7comm_readresponse_data = -1;
static gint hf_s7comm_data_fillbyte = -1;
/* timefunction: s7 timestamp */
static gint hf_s7comm_data_ts = -1;
static gint hf_s7comm_data_ts_reserved = -1;
static gint hf_s7comm_data_ts_year1 = -1; /* first byte of BCD coded year, should be ignored */
static gint hf_s7comm_data_ts_year2 = -1; /* second byte of BCD coded year, if 00...89 then it's 2000...2089, else 1990...1999*/
static gint hf_s7comm_data_ts_month = -1;
static gint hf_s7comm_data_ts_day = -1;
static gint hf_s7comm_data_ts_hour = -1;
static gint hf_s7comm_data_ts_minute = -1;
static gint hf_s7comm_data_ts_second = -1;
static gint hf_s7comm_data_ts_millisecond = -1;
static gint hf_s7comm_data_ts_weekday = -1;
/* userdata, block services */
static gint hf_s7comm_userdata_data = -1;
static gint hf_s7comm_userdata_param_head = -1;
static gint hf_s7comm_userdata_param_len = -1;
static gint hf_s7comm_userdata_param_reqres2 = -1; /* unknown */
static gint hf_s7comm_userdata_param_type = -1;
static gint hf_s7comm_userdata_param_funcgroup = -1;
static gint hf_s7comm_userdata_param_subfunc_prog = -1;
static gint hf_s7comm_userdata_param_subfunc_cyclic = -1;
static gint hf_s7comm_userdata_param_subfunc_block = -1;
static gint hf_s7comm_userdata_param_subfunc_cpu = -1;
static gint hf_s7comm_userdata_param_subfunc_sec = -1;
static gint hf_s7comm_userdata_param_subfunc_time = -1;
static gint hf_s7comm_userdata_param_subfunc = -1; /* for all other subfunctions */
static gint hf_s7comm_userdata_param_seq_num = -1;
static gint hf_s7comm_userdata_param_dataunitref = -1;
static gint hf_s7comm_userdata_param_dataunit = -1;
/* block functions, list blocks of type */
static gint hf_s7comm_ud_blockinfo_block_type = -1; /* Block type, 1 byte, stringlist blocktype_names */
static gint hf_s7comm_ud_blockinfo_block_num = -1; /* Block number, 2 bytes as int */
static gint hf_s7comm_ud_blockinfo_block_cnt = -1; /* Count, 2 bytes as int */
static gint hf_s7comm_ud_blockinfo_block_flags = -1; /* Block flags (unknown), 1 byte */
static gint hf_s7comm_ud_blockinfo_block_lang = -1; /* Block language, 1 byte, stringlist blocklanguage_names */
/* block functions, get block infos */
static gint hf_s7comm_ud_blockinfo_block_num_ascii = -1; /* Block number, 5 bytes, ASCII*/
static gint hf_s7comm_ud_blockinfo_filesys = -1; /* Filesystem, 1 byte, ASCII*/
static gint hf_s7comm_ud_blockinfo_res_const1 = -1; /* Constant 1, 1 byte, HEX*/
static gint hf_s7comm_ud_blockinfo_res_infolength = -1; /* Length of Info, 2 bytes as int */
static gint hf_s7comm_ud_blockinfo_res_unknown2 = -1; /* Unknown blockinfo 2, 2 bytes, HEX*/
static gint hf_s7comm_ud_blockinfo_res_const3 = -1; /* Constant 3, 2 bytes, ASCII */
static gint hf_s7comm_ud_blockinfo_res_unknown = -1; /* Unknown byte(s) */
static gint hf_s7comm_ud_blockinfo_subblk_type = -1; /* Subblk type, 1 byte, stringlist subblktype_names */
static gint hf_s7comm_ud_blockinfo_load_mem_len = -1; /* Length load memory, 4 bytes, int */
static gint hf_s7comm_ud_blockinfo_blocksecurity = -1; /* Block Security, 4 bytes, stringlist blocksecurity_names*/
static gint hf_s7comm_ud_blockinfo_interface_timestamp = -1;/* Interface Timestamp, string */
static gint hf_s7comm_ud_blockinfo_code_timestamp = -1; /* Code Timestamp, string */
static gint hf_s7comm_ud_blockinfo_ssb_len = -1; /* SSB length, 2 bytes, int */
static gint hf_s7comm_ud_blockinfo_add_len = -1; /* ADD length, 2 bytes, int */
static gint hf_s7comm_ud_blockinfo_localdata_len = -1; /* Length localdata, 2 bytes, int */
static gint hf_s7comm_ud_blockinfo_mc7_len = -1; /* Length MC7 code, 2 bytes, int */
static gint hf_s7comm_ud_blockinfo_author = -1; /* Author, 8 bytes, ASCII */
static gint hf_s7comm_ud_blockinfo_family = -1; /* Family, 8 bytes, ASCII */
static gint hf_s7comm_ud_blockinfo_headername = -1; /* Name (Header), 8 bytes, ASCII */
static gint hf_s7comm_ud_blockinfo_headerversion = -1; /* Version (Header), 8 bytes, ASCII */
static gint hf_s7comm_ud_blockinfo_checksum = -1; /* Block checksum, 2 bytes, HEX */
static gint hf_s7comm_ud_blockinfo_reserved1 = -1; /* Reserved 1, 4 bytes, HEX */
static gint hf_s7comm_ud_blockinfo_reserved2 = -1; /* Reserved 2, 4 bytes, HEX */
static gint hf_s7comm_userdata_blockinfo_flags = -1; /* Some flags in Block info response */
static gint hf_s7comm_userdata_blockinfo_linked = -1; /* Some flags in Block info response */
static gint hf_s7comm_userdata_blockinfo_standard_block = -1;
static gint hf_s7comm_userdata_blockinfo_nonretain = -1; /* Some flags in Block info response */
static gint ett_s7comm_userdata_blockinfo_flags = -1;
static const int *s7comm_userdata_blockinfo_flags_fields[] = {
&hf_s7comm_userdata_blockinfo_linked,
&hf_s7comm_userdata_blockinfo_standard_block,
&hf_s7comm_userdata_blockinfo_nonretain,
NULL
};
/* Programmer commands, diagnostic data */
static gint hf_s7comm_diagdata_req_askheadersize = -1; /* Ask header size, 2 bytes as int */
static gint hf_s7comm_diagdata_req_asksize = -1; /* Ask size, 2 bytes as int */
static gint hf_s7comm_diagdata_req_unknown = -1; /* for all unknown bytes */
static gint hf_s7comm_diagdata_req_answersize = -1; /* Answer size, 2 bytes as int */
static gint hf_s7comm_diagdata_req_block_type = -1; /* Block type, 1 byte, stringlist subblktype_names */
static gint hf_s7comm_diagdata_req_block_num = -1; /* Block number, 2 bytes as int */
static gint hf_s7comm_diagdata_req_startaddr_awl = -1; /* Start address AWL, 2 bytes as int */
static gint hf_s7comm_diagdata_req_saz = -1; /* Step address counter (SAZ), 2 bytes as int */
static gint hf_s7comm_diagdata_req_number_of_lines = -1; /* Number of lines, 1 byte as int */
static gint hf_s7comm_diagdata_req_line_address = -1; /* Address, 2 bytes as int */
/* Flags for requested registers in diagnostic data telegrams */
static gint hf_s7comm_diagdata_registerflag = -1; /* Registerflags */
static gint hf_s7comm_diagdata_registerflag_stw = -1; /* STW = Status word */
static gint hf_s7comm_diagdata_registerflag_accu1 = -1; /* Accumulator 1 */
static gint hf_s7comm_diagdata_registerflag_accu2 = -1; /* Accumulator 2 */
static gint hf_s7comm_diagdata_registerflag_ar1 = -1; /* Addressregister 1 */
static gint hf_s7comm_diagdata_registerflag_ar2 = -1; /* Addressregister 2 */