6.19. Modbus关键字¶
Modbus关键字可用于对Modbus请求的各种属性进行匹配。
使用此关键字有三种方法:
函数属性与设置“函数”匹配;
直接在数据访问上与设置“访问”匹配;
在单元标识符上仅与设置“单元”匹配,或与以前的设置“功能”或“访问”匹配。
与设置 功能 ,您可以匹配:
基于功能代码字段和子功能代码的操作(如果适用);
三类Modbus功能之一;
公共定义的公共功能(设置为“公共”)。
用户定义函数(设置“用户”)
专用于Modbus专有扩展的保留功能(关键字“reserved”)。
公共职能的两个子组之一:
已分配的功能,其定义已在Modbus规范中给出(关键字“assigned”);
未分配的函数,保留供将来使用(关键字“unassigned”)。
语法::
modbus: function <value>
modbus: function <value>, subfunction <value>
modbus: function [!] <assigned | unassigned | public | user | reserved | all>
签名“!”是否定的
实例:
modbus: function 21 # Write File record function
modbus: function 4, subfunction 4 # Force Listen Only Mode (Diagnostics) function
modbus: function assigned # defined by Modbus Application Protocol Specification V1.1b3
modbus: function public # validated by the Modbus.org community
modbus: function user # internal use and not supported by the specification
modbus: function reserved # used by some companies for legacy products and not available for public use
modbus: function !reserved # every function but reserved function
与 接近 设置,可以匹配:
一种数据访问(读或写);
一个主表访问(离散输入、线圈、输入寄存器和保持寄存器);
地址访问范围;
书面价值。
语法::
modbus: access <read | write>
modbus: access read <discretes | coils | input | holding>
modbus: access read <discretes | coils | input | holding>, address <value>
modbus: access write < coils | holding>
modbus: access write < coils | holding>, address <value>
modbus: access write < coils | holding>, address <value>, value <value>
用 _<value>_ 在访问或写入地址或值时设置匹配项,如下所示:
address 100 # exactly address 100
address 100<>200 # greater than address 100 and smaller than address 200
address >100 # greater than address 100
address <100 # smaller than address 100
实例:
modbus: access read # Read access
modbus: access write # Write access
modbus: access read input # Read access to Discretes Input table
modbus: access write coils # Write access to Coils table
modbus: access read discretes, address <100 # Read access at address smaller than 100 of Discretes Input table
modbus: access write holding, address 500, value >200 # Write value greater than 200 at address 500 of Holding Registers table
与设置 unit ,您可以匹配:
连接在网桥或网关后的子网络上的远程设备的Modbus从机地址。目标IP地址标识网桥本身,网桥使用Modbus单元标识符将请求转发到右从设备。
语法::
modbus: unit <value>
modbus: unit <value>, function <value>
modbus: unit <value>, function <value>, subfunction <value>
modbus: unit <value>, function [!] <assigned | unassigned | public | user | reserved | all>
modbus: unit <value>, access <read | write>
modbus: unit <value>, access read <discretes | coils | input | holding>
modbus: unit <value>, access read <discretes | coils | input | holding>, address <value>
modbus: unit <value>, access write < coils | holding>
modbus: unit <value>, access write < coils | holding>, address <value>
modbus: unit <value>, access write < coils | holding>, address <value>, value <value>
用 _<value>_ 在访问或写入地址或值时设置匹配项,如下所示:
unit 10 # exactly unit identifier 10
unit 10<>20 # greater than unit identifier 10 and smaller than unit identifier 20
unit >10 # greater than unit identifier 10
unit <10 # smaller than unit identifier 10
实例:
modbus: unit 10 # Unit identifier 10
modbus: unit 10, function 21 # Unit identifier 10 and write File record function
modbus: unit 10, function 4, subfunction 4 # Unit identifier 10 and force Listen Only Mode (Diagnostics) function
modbus: unit 10, function assigned # Unit identifier 10 and assigned function
modbus: unit 10, function !reserved # Unit identifier 10 and every function but reserved function
modbus: unit 10, access read # Unit identifier 10 and Read access
modbus: unit 10, access write coils # Unit identifier 10 and Write access to Coils table
modbus: unit >10, access read discretes, address <100 # Greater than unit identifier 10 and Read access at address smaller than 100 of Discretes Input table
modbus: unit 10<>20, access write holding, address 500, value >200 # Greater than unit identifier 10 and smaller than unit identifier 20 and Write value greater than 200 at address 500 of Holding Registers table
(参见http://www.modbus.org/docs/modbus_application_protocol_v1_1b3.pdf)
注: 读写地址从1开始。因此,如果系统使用的起始值为0,则需要将地址值加1。
注: 根据TCP/IP实施指南v1.0b中的Modbus消息传递,建议使用远程设备保持TCP连接打开,不要为每个Modbus/TCP事务打开和关闭它。在这种情况下,重要的是将流重新组合的深度设置为无限制(stream.reassembly.depth:0)
注: 根据TCP/IP实施指南v1.0b上的Modbus消息传递,串行线路上的Modbus从设备地址分配为1到247(十进制)。地址0用作广播地址。
(参见http://www.modbus.org/docs/modbus_messaging_implementation_guide_v1_0b.pdf)
有关Modbus支持的论文和演示(法语):http://www.ssi.gouv.fr/agence/publication/detection-dintrusion-dans-les-systemes-industriels-suricata-et-le-cas-modbus/