DNP3 Analyzer Supports for DNP3-over-UDP


Two major changes are made for the DNP3 analyzer
1. Make the analyzer support both the DNP3-over-UDP and the DNP3-over-TCP.
The changes are made in, DNP3.h and dpd.sig

2. Fix a bug in the binpac codes of the DNP3 analyzer
The changes are made in dnp3-protocol.pac. The changes results in different baseline results of testing/btest/Baseline/scripts.base.protocols.dnp3.dnp3_link_only




Robin Sommer
August 22, 2014, 9:36 PM

For DNP3 over UDP analyzer. most of the codes are copied and pasted. Better way to reuse the code?

Yeah, don't do that.

You need to refactor this out so that the code exists only once, probably by creating a joint base class or something (also applies to crc_table_initialized and crc_table).

August 25, 2014, 4:41 PM

Hi Robin,

What I did to avoid the same code being copied and pasted is to define a
independent class, i.e., DNP3_Analyzer which includes most of the repeated
codes. Then I let DNP3_TCP_Analyzer inherits from both this DNP3_Analyzer
and TCP_ApplicationAnalyzer. I can pass the test by doing this. The only
issue is that because the DNP3_Analyzer is defined independently, it can
not use the function such as Weird, ProtocolViolation and
ProtocolConfirmation. Do you know how I can call them inside this class?

If this is not possible, I am thinking about let the function in
DNP3_Analyzer return different error values to DNP3_TCP_Analyzer and call
the Weird function in the DNP3_TCP_Analyzer. Is this OK to you?


Hui Lin

On Fri, Aug 22, 2014 at 4:37 PM, Robin Sommer (JIRA) <

Hui Lin
PhD Candidate, Research Assistant
Electrical and Computer Engineering Department
University of Illinois at Urbana-Champaign

August 29, 2014, 4:09 PM

I define a base class for both tcp and udp analyzer and include all the repeated codes there. In order to call the functions defined in analyzer::Analyzer (such as Weird), I just pass the this pointer back to this base class.
At the same time, I fix a bug found in the
All these changes do not introduce different test baseline results.

Robin Sommer
September 8, 2014, 4:40 AM

Much better, thanks!

I've tweaked it a little bit more, see topic/robin/dnp3-merge-v4.

Now just one more request: I don't see any test case for DNP3 over UDP. Can you add one please? (adding to your branch is fine).

January 7, 2015, 9:09 PM

I just added several test cases for DNP3 over UDP in topic/robin/dnp3-merge-v4. Ready to merge now.


Robin Sommer




External issue ID



Affects versions