How CIP request-response packet linkage happened ?

retag add tags

I am trying to parse EtherNET/IP based CIP packets using wireshark.

In CIP response we only gets status but there is no specific information we get for command(request) to which it is providing a status.

That's why it is necessary to link Request with Response. Wireshark implementation already do that. That means it provide request packet number associated with response. From this, dissector get CIP Path (Class, Instance, Attribute) to parse the data present in response.

How wireshark does this ? Is there any roll of seq. & ack. no. present in TCP ?

Thanks !!

vikrant

asked 2019-09-30 14:34:28 +0000

edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

Be the first one to answer this question!

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

How CIP request-response packet linkage happened ? edit

Comments

Be the first one to answer this question!

How CIP request-response packet linkage happened ?