Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make IEC traffic identification more precise #580

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Make IEC traffic identification more precise #580

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
53 changes: 22 additions & 31 deletions conpot/protocols/IEC104/IEC104_server.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -80,38 +80,29 @@ def handle(self, sock, address):
request += new_byte

# check if IEC 104 packet or for the first occurrence of the indication 0x68 for IEC 104
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This comment should be updated since you are not looking for the first occurrence anymore.

for elem in list(request):
if 0x68 == elem:
index = request.index(elem)
if request[0] == 0x68:
timeout_t3.cancel()
response = None
# check which frame type
if not (request[2] & 0x01): # i_frame
response = iec104_handler.handle_i_frame(request)
elif request[2] & 0x01 and not (
request[2] & 0x02
): # s_frame
iec104_handler.handle_s_frame(request)
elif request[2] & 0x03: # u_frame
response = iec104_handler.handle_u_frame(request)
else:
logger.warning(
"%s ---> No valid IEC104 type (%s)",
address,
session.id,
)

iec_request = request[index:]
timeout_t3.cancel()
response = None
# check which frame type
if not (iec_request[2] & 0x01): # i_frame
response = iec104_handler.handle_i_frame(
iec_request
)
elif iec_request[2] & 0x01 and not (
iec_request[2] & 0x02
): # s_frame
iec104_handler.handle_s_frame(iec_request)
elif iec_request[2] & 0x03: # u_frame
response = iec104_handler.handle_u_frame(
iec_request
)
else:
logger.warning(
"%s ---> No valid IEC104 type (%s)",
address,
session.id,
)

if response:
for resp_packet in response:
if resp_packet:
sock.send(resp_packet)
break
if response:
for resp_packet in response:
if resp_packet:
sock.send(resp_packet)

except Timeout_t3:
pkt = iec104_handler.send_104frame(TESTFR_act)
Expand Down
16 changes: 16 additions & 0 deletions conpot/tests/test_iec104_server.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -223,3 +223,19 @@ def test_failing_connection_connection_lost_event(self, mock_timeout):
self.assertEqual("CONNECTION_LOST", con_lost_event["data"]["type"])

s.close()

@patch("conpot.protocols.IEC104.IEC104_server.gevent._socket3.socket.recv")
def test_connection_times_out_if_traffic_starts_with_wrong_prefix(
self, mock_timeout
):
"""
Objective: Test if server ignores traffic starting with wrong prefix
"""
mock_timeout.side_effect = TimeoutError()
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.settimeout(1)
s.connect(("127.0.0.1", 2404))
packet = frames.u_frame(Start=0x67).build()
s.send(packet)
with self.assertRaises(TimeoutError):
s.recv(6)