ModbusParserLite/README at master · jusafing/ModbusParserLite · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
Modbus parser lite v0.1.0
-------------------------

README File

-------------------------
DESCRIPTION

This script is a simple Modbus Parser. It uses Argus binary data to extract
the TCP streams in order to parse the Modbus Headers.

It creates an output plain-text file with all the Modbus headers for every
single TCP stream. It is possible to define three operation modes:
  1 - Parse requests  only
  2 - Parse responses only
  3 - Parse full TCP streams

It also creates a file with all single Modbus Headers as well as a general
log file.


-------------------------
REQUIREMENTS

- Argus server
- Ra client

Perl Modules:
 - File::Touch


-------------------------
USAGE

First you need to configure the execution parameters within ParseConfig.pm

Then you can use it with the following syntax:

    $ ./modbus_parser.pl <PCAP_FILE> [LOGFILE]

** NOTE **:
It will create the output files on the same path of PCAP_FILE.
The log file defined as an argument overwrites the one on ParseConfig.pm

-------------------------
TODO

- Arguments validation
- Use exec instead of direct shell call ``
- Use output directory variable
- Improve the performance skipping LogMsgT calls or to improme LogUtils.pm


-------------------------
AUTHOR

By Javier S.A.
jusafing@gmail.com
(2014)

You can use git to get a copy of this parser from

git://repository.jusanet.org/ModbusParserLite

and you can see the ChangeLog on

http://repository.jusanet.org