写入报文分析
ModbusTcp报文详细解析见 ModbusTCP协议报文解析
写入常用的四个功能码,线圈 05,15(0x0F),寄存器06,16(0x10)
详细报文如下:
//00 01 00 00 00 06 FF 05 00 01 FF 00 写单个线圈
//00 01 00 00 00 06 FF 06 00 05 00 23 写单个寄存器//写多个寄存器
//00 06 00 00 00 0B FF 10 00 02 00 02 04 00 21 00 2A//前7位相同,第八位功能码不同,九、十位写入地址,这是格式一样部分
线圈基本都是单个写入,这里就使用05功能码
寄存器写入可能多个同时写入,如int32,float等,需要四个字节,则需要2个寄存器,并且数据的两个寄存器是连续的,,其他的如Int64,double,则需要4个寄存器,我们可以一起写入调高效率。
跟读报文一样,定义一个写入报文的头,前10个报文,再接收到写入数据是再在后面接上对应的数据字段
//读报文
byte[] _writebytes = new byte[]{0x00,0x01,0x00,0x00,0x00,0x06,0xFF,0x01,0x00,0x01};
然后再初始化的时候修改从站地址
写入实现
增加写入功能码关系
public readonly Dictionary<string, byte> WriteFuncCodes = new Dictionary<string, byte>();void Init(){//...WriteFuncCodes.Add("Coil", 5);WriteFuncCodes.Add("HoldingRegister", 16);//...}
实现写入报文处理方法
定义一个写入方法WriteData用于写入报文发送和返回处理
/// <summary>
/// modbustcp写入方法
/// </summary>
/// <param name="point"></param>
private void WriteData(RegisterPoint point)
{}
然后再监控方法中,将等待周期拆分成10份,循环十次等待,每次查询写入队列是否有值,如果有就执行写入
/// <summary>/// 启动主采集线程,循环采集/// </summary>public void DoMonitor(){Task.Run(() =>{//防止重复启动if (IsMonitored)return;IsMonitored = true;while (true){//。。。。原逻辑//循环10次间隔,如果写入队列不为空,则执行写入for (int i = 0; i < 10; i++){while (_writeQueue.Count > 0){var point = _writeQueue.Dequeue();WriteData(point);}Task.Delay(_timeSpan).Wait();}}});}
写入发送报文处理
修改相同格式的报文部分,功能码和地址
//修改功能码_writebytes[7] = WriteFuncCodes[point.RegisterType];//修改写入地址var addressBytes = BitConverter.GetBytes(point.Address);_writebytes[8] = addressBytes[1];_writebytes[9] = addressBytes[0];
然后再根据不同类型功能码处理数据部分
var writebuffer = _writebytes.ToList();
if (point.RegisterType == "Coil")
{writebuffer[5] = 0x06;if (point.WriteValue.Equals(true)){writebuffer.Add(0xFF);}else{writebuffer.Add(0x00);}writebuffer.Add(0x00);
}
else if (point.RegisterType == "HoldingRegister")
{byte dataLen = (byte)(point.Length * 2);writebuffer[5] = Convert.ToByte(7 + dataLen);//修改读寄存器数量var LengthBytes = BitConverter.GetBytes(point.Length);writebuffer.Add(LengthBytes[1]);writebuffer.Add(LengthBytes[0]);//添加数据长度writebuffer.Add(dataLen);//转换成字节数组var converterMothed = typeof(BitConverter).GetMethod("GetBytes",BindingFlags.Public | BindingFlags.Static,new[] { point.Type });var valueBytes = (byte[])converterMothed.Invoke(null, new object[] { point.WriteValue });//转字节序byte[] newbytes = new byte[point.Length * 2];for (int i = 0; i < point.Length; i++){newbytes[2 * i] = valueBytes[2 * i + 1];newbytes[2 * i + 1] = valueBytes[2 * i];}writebuffer.AddRange(newbytes);
}
处理完报文就执行发送接收操作
var client = _tcpClient.Client;client.Send(writebuffer.ToArray());//接收报文,正常接收说明写入成功byte[] recvBytes = Recevice(12, 9);
补充:
接收报文通信过程,跟读报文发送之后的接收报文操作基本一致,同样进行粘包处理,然后异常判断,所以将接收进行封装,只需要传入正常报文长度和异常报文长度,自行
byte[] Recevice(int receiveLen, int errLen)
{//接收报文byte[] recvBytes = new byte[receiveLen];//报文总长int recevTotalLength = 0;while (recevTotalLength < receiveLen && recevTotalLength != errLen){try{int needLength = receiveLen - recevTotalLength;var recvLen = _client.Receive(recvBytes,recevTotalLength,needLength,SocketFlags.None);if (recvLen == 0){throw new Exception("未接收到响应数据");}recevTotalLength += recvLen;}catch (Exception ex){throw new Exception("接收响应数据异常!" + ex.Message);}}if (recvBytes.Length == errLen){throw new Exception("返回异常报文");}return recvBytes;
}
响应报文分析
根据下面不同功能码响应报文可以看出,正常响应报文长度就是12,异常是9,所以前面接收传入的参数就是 Recevice(12, 9)
响应
00 01 00 00 00 06 FF 05 00 01 FF 00 -05
00 01 00 00 00 06 01 0F 00 05 00 0A -15
00 05 00 00 00 06 FF 06 00 05 00 23 -06
00 06 00 00 00 06 FF 10 00 02 00 02 -16长度12错误响应
00 01 00 00 00 03 01 8F 02 长度 9
实现效果
完整代码
public class ModbusTcp{/// <summary>/// 功能码映射关系/// </summary>public readonly Dictionary<string, byte> ReadFuncCodes = new Dictionary<string, byte>();public readonly Dictionary<string, byte> WriteFuncCodes = new Dictionary<string, byte>();//读报文byte[] _readbytes = new byte[]{0x00,0x01,0x00,0x00,0x00,0x06,0xFF,0x01,0x00,0x01,0x00,0x10};//写报文(前10位)byte[] _writebytes = new byte[]{0x00,0x01,0x00,0x00,0x00,0x06,0xFF,0x01,0x00,0x01,};private DeviceLink _link;private List<RegisterPoint> _registers;private TcpClient _tcpClient;private int _timeSpan = 100; // 1000/10 ms 1s==1000ms,然后切成10个片段循环,插空进行写入/// <summary>/// 连接状态/// </summary>public bool IsConnected => _tcpClient != null && _tcpClient.Connected;private bool IsMonitored = false;public event Action<RegisterPoint, object> ValueUpdated;/// <summary>/// 写入队列/// </summary>private Queue<RegisterPoint> _writeQueue = new Queue<RegisterPoint>();private Socket _client;public ModbusTcp(DeviceLink link){if (link == null){throw new ArgumentNullException("传入配置为空,无法初始化");}_link = link;_timeSpan = (int)(link.AcqTimeSpan * 100);_registers = link.Points;_tcpClient = new TcpClient();Init();}void Init(){ReadFuncCodes.Add("Coil", 1);ReadFuncCodes.Add("DiscreteInput", 2);ReadFuncCodes.Add("HoldingRegister", 3);ReadFuncCodes.Add("InputRegister", 4);WriteFuncCodes.Add("Coil", 5);WriteFuncCodes.Add("HoldingRegister", 16);//修改从站地址_readbytes[6] = Convert.ToByte(_link.SlaveID);_writebytes[6] = Convert.ToByte(_link.SlaveID);}/// <summary>/// 连接/// </summary>private void Connect(){try{_tcpClient.Connect(IPAddress.Parse(_link.Ip), _link.Port);_client = _tcpClient.Client;}catch (Exception ex) { }}/// <summary>/// 启动主采集线程,循环采集/// </summary>public void DoMonitor(){Task.Run(() =>{//防止重复启动if (IsMonitored)return;IsMonitored = true;while (true){if (!_tcpClient.Connected){Connect();}else{try{foreach (RegisterPoint point in _registers){SetSendBytes(point);//发送读报文_client.Send(_readbytes);int len = ReceviceDataLength(point.Length);var errLen = 9;var normalLen = 9 + len;//接收报文byte[] recvBytes = Recevice(normalLen, errLen);//提取数据部分byte[] dataBytes = new byte[len];Array.Copy(recvBytes, 9, dataBytes, 0, len);//数据处理DealData(point, dataBytes);}}catch (Exception ex){Console.WriteLine(ex.Message);}}//循环10次间隔,如果写入队列不为空,则执行写入for (int i = 0; i < 10; i++){while (_writeQueue.Count > 0){var point = _writeQueue.Dequeue();WriteData(point);}Task.Delay(_timeSpan).Wait();}}});}/// <summary>/// 返回报文数据长度/// </summary>/// <param name="pointLength"></param>/// <returns></returns>private int ReceviceDataLength(int pointLength){int len;if (_readbytes[7] <= 2){len = pointLength / 8 + 1;}else{len = pointLength * 2;}return len;}/// <summary>/// 设置查询发送报文/// </summary>/// <param name="point"></param>private void SetSendBytes(RegisterPoint point){//修改功能码_readbytes[7] = ReadFuncCodes[point.RegisterType];//修改起始地址var addressBytes = BitConverter.GetBytes(point.Address);_readbytes[8] = addressBytes[1];_readbytes[9] = addressBytes[0];//修改读寄存器数量var LengthBytes = BitConverter.GetBytes(point.Length);_readbytes[10] = LengthBytes[1];_readbytes[11] = LengthBytes[0];}/// <summary>/// 数据处理方法/// </summary>/// <param name="point"></param>/// <param name="bytes"></param>void DealData(RegisterPoint point, byte[] bytes){//处理返回数据var funcCode = ReadFuncCodes[point.RegisterType];object value;if (funcCode <= 2){//单点查询,线圈只查询一个,byte中不等于0,就是truevalue = bytes[0] != 0;}else{if (point.Type == typeof(byte)){value = bytes[1];}else{//字节序处理byte[] newbytes = new byte[point.Length * 2];//优化for (int i = 0; i < point.Length; i++){newbytes[2 * i] = bytes[2 * i + 1];newbytes[2 * i + 1] = bytes[2 * i];}// 优化var converterMothed = typeof(BitConverter).GetMethod("To" + point.Type.Name,BindingFlags.Public | BindingFlags.Static,new[] { typeof(byte[]), typeof(int) });value = converterMothed.Invoke(null, new object[] { newbytes, 0 });}}//赋值if (!value.Equals(point.Value)){point.Value = value;ValueUpdated?.Invoke(point, value);}}/// <summary>/// modbustcp写入方法/// </summary>/// <param name="point"></param>private void WriteData(RegisterPoint point){try{//00 01 00 00 00 06 FF 05 00 01 FF 00//00 05 00 00 00 06 FF 06 00 05 00 23//发送长度都一样,格式完全一样//前7位相同,第八位功能码不同,九、十位写入地址_writebytes[7] = WriteFuncCodes[point.RegisterType];//修改写入地址var addressBytes = BitConverter.GetBytes(point.Address);_writebytes[8] = addressBytes[1];_writebytes[9] = addressBytes[0];var writebuffer = _writebytes.ToList();if (point.RegisterType == "Coil"){writebuffer[5] = 0x06;if (point.WriteValue.Equals(true)){writebuffer.Add(0xFF);}else{writebuffer.Add(0x00);}writebuffer.Add(0x00);}else if (point.RegisterType == "HoldingRegister"){byte dataLen = (byte)(point.Length * 2);writebuffer[5] = Convert.ToByte(7 + dataLen);//修改读寄存器数量var LengthBytes = BitConverter.GetBytes(point.Length);writebuffer.Add(LengthBytes[1]);writebuffer.Add(LengthBytes[0]);//添加数据长度writebuffer.Add(dataLen);//转换成字节数组var converterMothed = typeof(BitConverter).GetMethod("GetBytes",BindingFlags.Public | BindingFlags.Static,new[] { point.Type });var valueBytes = (byte[])converterMothed.Invoke(null, new object[] { point.WriteValue });//转字节序byte[] newbytes = new byte[point.Length * 2];for (int i = 0; i < point.Length; i++){newbytes[2 * i] = valueBytes[2 * i + 1];newbytes[2 * i + 1] = valueBytes[2 * i];}writebuffer.AddRange(newbytes);}var client = _tcpClient.Client;client.Send(writebuffer.ToArray());//接收报文,正常接收说明写入成功byte[] recvBytes = Recevice(12, 9);}catch (Exception ex){Console.WriteLine(ex.Message);}}//写入值先加入一个队列public void Write(RegisterPoint point){_writeQueue.Enqueue(point);}byte[] Recevice(int receiveLen, int errLen){//接收报文byte[] recvBytes = new byte[receiveLen];//报文总长int recevTotalLength = 0;while (recevTotalLength < receiveLen && recevTotalLength != errLen){try{int needLength = receiveLen - recevTotalLength;var recvLen = _client.Receive(recvBytes,recevTotalLength,needLength,SocketFlags.None);if (recvLen == 0){throw new Exception("未接收到响应数据");}recevTotalLength += recvLen;}catch (Exception ex){throw new Exception("接收响应数据异常!" + ex.Message);}}if (recvBytes.Length == errLen){throw new Exception("返回异常报文");}return recvBytes;}}