> I have tested Ethereal with DNP3 traffic and believe I have found a
> bug in the DNP3 application layer dissector. In DNP3, READ fragments
> do not have Information Objects. Only the headers have Information
> Objects, since they only specify the points to be read, not their
> value. The response fragment has both the headers and the Information
> Objects.
>
> However the DNP3 application layer dissector is treating READ request
> fragments as if they do have Information Objects following the object
> headers, and is therefore parsing subsequent object headers after the
> first object header as if they were Information Objects. Should I add
> this to the bugs database?
Yes please. It would help enormously if you could also provide a capture
illustrating the problem, identifying the frames in question.
>
> Also what are the development plans for the DNP3 application layer
> dissector? Is anyone working on it at the moment? Is any assistance
> required? I am particularly keen to add floating point and file
> objects.
>
When time permits.
Chris Bontje and myself seem to be the only folks working on this at the
moment. Chris has some refactorings in progress to sort a few issues out,
but adding extra info objects shouldn't be too difficult. Feel free to send
a patch in, again captures demonstrating the new types would be helpful.
Regards,
Graham Bloice
