From 65804fd4869605aba32f3d48d13cfd5841ac9ccf Mon Sep 17 00:00:00 2001
From: helenwangjia <1573523714@qq.com>
Date: Thu, 9 Nov 2023 01:49:37 +0000
Subject: [PATCH 1/5] keep modbus function loaded
---
 osect_sensor/conf/local.zeek | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/osect_sensor/conf/local.zeek b/osect_sensor/conf/local.zeek
index 875328f..f74e8bc 100755
--- a/osect_sensor/conf/local.zeek
+++ b/osect_sensor/conf/local.zeek
@@ -118,7 +118,7 @@ redef LogAscii::enable_utf_8 = F;
 #@load zeek-plugin-profinet
 #@load zeek-plugin-s7comm
 #@load icsnpp-ethercat
-#@load icsnpp-modbus
+@load icsnpp-modbus
 @load zeek-long-connections
 @load zeek-af_packet-plugin
 @load CIFS_B
From 1fe48abff6e08595ab27797f2f66bf15d1b59bcd Mon Sep 17 00:00:00 2001
From: helenwangjia <57517810+helenwangjia@users.noreply.github.com>
Date: Thu, 9 Nov 2023 11:53:53 +0900
Subject: [PATCH 2/5] enable modbus in common_config.py
---
 osect_sensor/Application/edge_cron/common/common_config.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/osect_sensor/Application/edge_cron/common/common_config.py b/osect_sensor/Application/edge_cron/common/common_config.py
index 3c7b335..91f7947 100644
--- a/osect_sensor/Application/edge_cron/common/common_config.py
+++ b/osect_sensor/Application/edge_cron/common/common_config.py
@@ -31,7 +31,7 @@
 BACNET_ENABLE = True
 """ Bacnetトラフィックを取り込むか否か """
-MODBUS_ENABLE = False
+MODBUS_ENABLE = True
 """ Modbusトラフィックを取り込むか否か """
 BRO_SHELL_COMMAND = "/opt/ot_tools/bro.sh"
From 3c8b2810593d272621c2ace4164d8b8b6c4ca498 Mon Sep 17 00:00:00 2001
From: helenwangjia <57517810+helenwangjia@users.noreply.github.com>
Date: Wed, 15 Nov 2023 15:25:44 +0900
Subject: [PATCH 3/5] use a former version of modbus
---
 osect_sensor/Infrastructure/edge_cron/Dockerfile | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
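Review bot: The `@load icsnpp-modbus` line in local.zeek turns the Modbus parser on unconditionally, while common_config.py carries a separate `MODBUS_ENABLE` switch that patch 2/5 sets to True and patch 4/5 sets back to False, so at the end of the series the two settings appear to disagree. If that is deliberate (the subject says the function should stay loaded), a comment above the line would record it, for example `# Parser stays loaded; ingestion is gated by MODBUS_ENABLE in common_config.py`. What MODBUS_ENABLE actually gates is inferred from its docstring, so confirm that before wording the comment. Each loaded ICS parser also processes untrusted network traffic on the sensor, which is worth weighing when a parser is loaded but its output is not ingested.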
diff --git a/osect_sensor/Infrastructure/edge_cron/Dockerfile b/osect_sensor/Infrastructure/edge_cron/Dockerfile
index aa34c92..9971931 100755
--- a/osect_sensor/Infrastructure/edge_cron/Dockerfile
+++ b/osect_sensor/Infrastructure/edge_cron/Dockerfile
@@ -154,15 +154,15 @@ ENV PATH $PATH:/root/.cargo/bin
 # zkgパッケージ(必要なものだけ入れる)
 ENV PATH $PATH:/usr/local/zeek/bin
 # RUN zkg autoconfig
-RUN zkg install --force --skiptest \
+RUN zkg install icsnpp-modbus --version 03de54df8b0a8c1e6264876167f80dccae74902a --force --skiptest \
+ && zkg install --force --skiptest \
 # zeek-plugin-bacnet \
 # zeek-plugin-enip \
 # zeek-plugin-profinet \
 # zeek-plugin-s7comm \
 # icsnpp-ethercat \
 # icsnpp-opcua-binary \
- icsnpp-modbus \
- # icsnpp-bacnet \
+# icsnpp-bacnet \
 zeek/corelight/zeek-long-connections \
 zeek-af_packet-plugin
From 5a7d21c379bdf0c2afef7af2227580e376fdfdfe Mon Sep 17 00:00:00 2001
From: Takuma Tsubaki
Date: Fri, 22 Dec 2023 10:24:34 +0900
Subject: [PATCH 4/5] Update common_config.py
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
デフォルトはFalseでOK
---
 osect_sensor/Application/edge_cron/common/common_config.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/osect_sensor/Application/edge_cron/common/common_config.py b/osect_sensor/Application/edge_cron/common/common_config.py
index 91f7947..8c2e034 100644
--- a/osect_sensor/Application/edge_cron/common/common_config.py
+++ b/osect_sensor/Application/edge_cron/common/common_config.py
@@ -28,10 +28,10 @@
 YAF_ENABLE = True
 """ yaf use flag """
-BACNET_ENABLE = True
+BACNET_ENABLE = False
 """ Bacnetトラフィックを取り込むか否か """
-MODBUS_ENABLE = True
+MODBUS_ENABLE = False
 """ Modbusトラフィックを取り込むか否か """
 BRO_SHELL_COMMAND = "/opt/ot_tools/bro.sh"
From b5f0cbefe2e69cf4734eb5b6679e8cf5680fd9ff Mon Sep 17 00:00:00 2001
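Review bot: Only `icsnpp-modbus` is pinned in the rewritten `RUN`; `zeek/corelight/zeek-long-connections` and `zeek-af_packet-plugin` in the second `zkg install` still resolve to whatever is current at build time, so the image is not reproducible and an upstream change reaches the sensor unreviewed. Consider installing each with its own reviewed ref, e.g. `&& zkg install zeek-af_packet-plugin --version <reviewed-ref> --force --skiptest \` (placeholder ref; as far as I know `--version` applies to one package per invocation). The pin itself should carry a comment saying why this commit was chosen and which newer version was avoided, since the subject only says "a former version". `--skiptest` is kept on every install, so nothing checks the pinned build against the installed Zeek. The added `# icsnpp-bacnet \` line also sits at column 0, unlike the neighbouring commented entries.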
From: helenwangjia <1573523714@qq.com>
Date: Fri, 22 Dec 2023 04:19:03 +0000
Subject: [PATCH 5/5] add package refresh command
---
 osect_sensor/Infrastructure/edge_cron/Dockerfile | 1 +
 1 file changed, 1 insertion(+)
diff --git a/osect_sensor/Infrastructure/edge_cron/Dockerfile b/osect_sensor/Infrastructure/edge_cron/Dockerfile
index 3b7cf07..794cb79 100755
--- a/osect_sensor/Infrastructure/edge_cron/Dockerfile
+++ b/osect_sensor/Infrastructure/edge_cron/Dockerfile
@@ -155,6 +155,7 @@ ENV PATH $PATH:/root/.cargo/bin
 ENV PATH $PATH:/usr/local/zeek/bin
 # RUN zkg autoconfig
 RUN zkg install icsnpp-modbus --version 03de54df8b0a8c1e6264876167f80dccae74902a --force --skiptest \
+ && zkg refresh \
 && zkg install --force --skiptest \
 # zeek-plugin-bacnet \
 # zeek-plugin-enip \
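Review bot: `zkg refresh` is added after the pinned `icsnpp-modbus` install, so only the second `zkg install` sees refreshed package metadata; if the refresh is needed for package names to resolve, the first install still runs against the older index. Either move it to the front of the chain, `RUN zkg refresh \` followed by `&& zkg install icsnpp-modbus --version 03de54df8b0a8c1e6264876167f80dccae74902a --force --skiptest \`, or add a comment explaining why it has to sit between the two installs. The `RUN` statement continues past the end of this hunk, so the remaining package list is not visible here.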