12.7. Modbus

Modbus is a communications protocol designed by Modicon Incorporated for use with its PLCs.

The profiles specify function codes and register or coil addresses. The function code in the protocol Modbus TCP specifies the purpose of the data transfer. The device blocks the data packets that violate the specified profiles. If an error is detected, then the device terminates the data connection upon user request. The predefined function code lists and the function code generator support you when specifying the function codes.

When the Modbus Enforcer profile is active (enabled checkbox is marked), the device applies the profiles to the data stream.

  • The device permits data packets containing only the function codes specified in the Function code field.

  • The device rejects the data packets containing any other function codes that are not specified in the Function code field.

You can find the Modbus protocol at Firewall → Enforcer → Modbus.

Modbus

12.7.1. Modbus Settings

Enabled

Wheter the Modbus enforcer is active or not.

Possible values:

  • Enabled

  • Disabled (default setting)

Name

Name of the Modbus enforcer.

Possible values:

  • Character string with 0..100 characters

Description

Description of the Modbus enforcer.

Possible values:

  • Character string with 0..250 characters

Unit identifier

Specifies the Modbus TCP identification unit for the Modbus Enforcer profile.

Possible values:

  • <empty> (default setting)

    The device permits data packets without an identification unit.

  • 0..255

    The device permits data packets with the specified identification unit.

    The field lets you specify the following options:

    • A single Modbus TCP identification unit with a single numerical value, for example 1.

    • Multiple Modbus TCP identification units with numerical values separated by a comma, for example 1,2,3.

TCP Reset

Activates/deactivates the resetting of the TCP connection in case of a protocol violation or if the plausibility check detects an error.

Possible values:

  • enabled (default setting)

    The resetting of the TCP connection is active.

    If the device identifies a protocol violation or detects a plausibility check error, then the device terminates the TCP connection. The device establishes the TCP connection again on receiving a new request.

  • disabled

    The resetting of the TCP connection is inactive.

Sanity Check

Activates/deactivates the plausibility check for the data packets.

Possible values:

  • enabled (default setting)

    The plausibility check is active.

    The device checks the plausibility of the data packets regarding format and specification.

    The device blocks the data packets that violate the specified profiles.

  • disabled

    The plausibility check is inactive.

Exception

Activates/deactivates the sending of an exception response in case of a protocol violation or if the plausibility check identifies errors.

Possible values:

  • enabled* (default setting)

    The sending of an exception response is active.

    If the device identifies a protocol violation or a plausibility check error, then the device sends an exception response to the end points and terminates the Modbus TCP connection.

  • disabled

    The sending of an exception response is inactive. The Modbus TCP connection remains established.

Preset

Preset of Modbus rules.

Possible values:

  • Read Only (default setting)

    Assigns the function codes for the read function of the Modbus TCP protocol.

    1,2,3,4,7,11,12,17,20,24

  • Read Write

    Assigns the function codes for the read/write functions of the Modbus TCP protocol.

    1,2,3,4,5,6,7,11,12,15,16,17,20,21,22,23,24

  • Programming

    Assigns the function codes for the programming functions of the Modbus TCP protocol.

    1,2,3,4,5,6,7,11,12,15,16,17,20,21,22,23,24,40,42,90,125,126

  • All

    Assigns the function codes for every function of the Modbus TCP protocol.

    1,2,..,254,255

  • Custom

    Lets you specify user-defined values in the Function code field.

12.7.2. Modbus Rules

Modbus Rules
Name

Name of the Modbus rule.

Possible values:

  • Character string with 0..100 characters

Description

Description of the Modbus rule.

Possible values:

  • Character string with 0..250 characters

Description

Description of the Modbus rule.

Possible values:

  • Character string with 0..250 characters

Function code

Possible values:

  • 0..255

Read Address Start

Default is 0.

Possible values:

  • 0..65535 (2¹?-1)

Read Address Length

Default is 1.

Possible values:

  • 0..65535 (2¹?-1)

Write Address Start

Default is 0.

Possible values:

  • 0..65535 (2¹?-1)

Write Address Length

Default is 1.

Possible values:

  • 0..65535 (2¹?-1)

12.7.3. Modbus Function Codes

#

Meaning

Address range (read)

Address range (write)

1

Read Coils

<0..65535>

-

2

Read Discrete Inputs

<0..65535>

-

3

Read Holding Registers

<0..65535>

-

4

Read Input Registers

<0..65535>

-

5

Write Single Coil

-

<0..65535>

6

Write Single Register

-

<0..65535>

7

Read Exception Status

-

-

8

Diagnostic

-

-

11

Get Comm Event Counter

-

-

12

Get Comm Event Log

-

-

13

Program (584/984)

-

-

14

Poll (584/984)

-

-

15

Write Multiple Coils

-

<0..65535>

16

Write Multiple Registers

-

<0..65535>

17

Report Slave ID

-

-

20

Read File Record

-

-

21

Write File Record

-

-

22

Mask Write Register

-

<0..65535>

23

Read/Write Multiple Registers

<0..65535>

<0..65535>

24

Read FIFO Queue

<0..65535>

-

40

Program (Concept)

-

-

42

Concept Symbol Table

-

-

43

Encapsulated Interface Transport

-

-

48

Advantech Co. Ltd. - Management Functions

-

-

66

Scan Data Inc. - Expanded Read Holding Registers

-

-

67

Scan Data Inc. - Expanded Write Holding Registers

-

-

90

Unity Programming/OFS

-

-

100

Scattered Register Read

-

-

125

Schneider Electric - Firmware

-

-