DNP3 support #11
Comments
I made some successful tests with the proxy module: https://github.com/glastopf/conpot/tree/dnp3_proxy
How can I help here? Is this doc up to date? https://github.com/glastopf/conpot/blob/dnp3_proxy/docs/source/components/protocols/dnp3.rst
The documentation should be up to date. Have a look at the decoder and how to extend it.
Let me know if you run into any problems or need some help.
I've just built and installed cverges' DNP3 fork successfully. Is this right or do I need to install automatak's one? Now I'll read something about DNP3 and then I'll have a look at the decoder in the dnp3_proxy branch.
I went straight to the automatak code and installed the samples; some instructions can be found here: https://github.com/mushorg/conpot/blob/dnp3_proxy/docs/source/components/protocols/dnp3.rst
Ok thanks, I'll do.
Done,
I have changed the outstation's listening port to +=1 so conpot can listen on the default port and I didn't have to change the client. Let me know if you run into trouble merging master into the branch. And feel free to continue using that branch.
Just as a reminder to myself, I patched the source file
This is helpful during development: http://www.automatak.com/opendnp3/decoder/
@adepasquale have you looked more into this?
Even if this might overlap with the DNP3 proxy branch, I'd like to code Wireshark dissectors first. Then implement DNP3 only after I have better understood the protocol.
Sounds good to me. I might have a student interested in working on this after all. I still think writing a proper wrapper around automatak's opendnp3 library would be pretty awesome...
Although my experience with SWIG is limited, I think an auto-generated Python API is a little hackish - and may lead to unexpected behavior. I would instead suggest using
There have been promising updates on this 🙂 pydnp3
Any progress?
Six years on, we're still in demand for DNP3, and the old branch is no longer usable.
You think you can help in any way?
Skills required: Python, basic C++, dissecting network traffic.
Time estimation: We assume this to be a three-month project.
Short Description: Improve Conpot’s current very minimal support for the DNP3 protocol. Goal is to provide a server capable of basic DNP3 communication.
Description:
Conpot provides a variety of common protocols: Modbus, S7Comm, SNMP, HTTP and Kamstrup. We are always working on getting additional protocols supported. This is a rather complicated task as many protocols don't have an open source implementation, documentation is rather complex or simply not available. One of the protocols we are interested in is DNP3 (Distributed Network Protocol) which is similar to IEC 60870-5 and often used for communication between control centers, RTUs (Remote Terminal Units) and IEDs (Intelligent Electronic Devices). Conpot has a feature which we call the Proxy Module. This allows us to proxy incoming requests through Conpot to a service and back to the client. When we implement a new protocol in Conpot, we set up an instance with this proxy module and tunnel all requests from the client to e.g. a real device or a service with that protocol running on another host. Then, piece by piece, we are decoding the message in Conpot while it passes through so we get insight into the intention of the request. Right now we have a very basic decoder for the DNP3 protocol which we would like to extend.
More information:
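The pass-through decoding step described in the issue text above, as an added example that is not part of the original issue or Conpot's own decoder: a Python decoder for the 10-octet DNP3 link-layer header that a proxy could run on each frame before forwarding it. It assumes the standard link-layer layout (start octets 0x05 0x64, length, control, destination, source, CRC-16/DNP); the names `crc16_dnp`, `build_header`, `decode_header` and `LinkHeader` are hypothetical, and the sample frame is constructed.

```python
import struct
from dataclasses import dataclass

START = b"\x05\x64"  # DNP3 link-layer start octets


def crc16_dnp(data: bytes) -> int:
    """CRC-16/DNP: polynomial 0x3D65 (reflected 0xA6BC), init 0, final XOR 0xFFFF."""
    crc = 0
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA6BC if crc & 1 else crc >> 1
    return crc ^ 0xFFFF


@dataclass
class LinkHeader:
    length: int        # octets after LENGTH, excluding CRCs (minimum 5)
    dir_master: bool   # DIR bit: frame was sent by a master
    primary: bool      # PRM bit: frame starts a link transaction
    function: int      # link function code (low 4 bits of control)
    destination: int
    source: int


def build_header(control: int, destination: int, source: int) -> bytes:
    """Build a header-only frame (constructed sample input for the decoder)."""
    body = START + struct.pack("<BBHH", 5, control, destination, source)
    return body + struct.pack("<H", crc16_dnp(body))


def decode_header(frame: bytes) -> LinkHeader:
    """Decode and validate the link header; raise ValueError on malformed input."""
    if len(frame) < 10:
        raise ValueError("frame shorter than the 10-octet link header")
    if frame[:2] != START:
        raise ValueError("missing 0x05 0x64 start octets")
    length, control, dst, src, crc = struct.unpack("<BBHHH", frame[2:10])
    if length < 5:
        raise ValueError("length field below minimum of 5")
    if crc != crc16_dnp(frame[:8]):
        raise ValueError("header CRC mismatch")
    return LinkHeader(length, bool(control & 0x80), bool(control & 0x40),
                      control & 0x0F, dst, src)


if __name__ == "__main__":
    # Constructed frame: DIR=1, PRM=1, function 9, destination 10, source 1.
    print(decode_header(build_header(0xC9, 10, 1)))
```

In a honeypot, frames that raise `ValueError` are worth logging in their own right, since scanners and fuzzers often send headers with bad lengths or CRCs.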