Ask Your Question

Revision history [back]

Wireshark can dissect Modbus messages when they are transported over IP networks, and a convenient, but not free, way to do this is via an Ethernet to Serial device, e.g. this Lantronix adaptor.

Using a device such as this, which creates a virtual serial port on the Modbus "Master", the master communicates over IP to the adaptor which is then connected to the RS-485 bus. Wireshark can be run on the master to capture the traffic and dissect it. I do this several times a week.

If you just want to "sniff" the data on the RS-485 bus then both external hardware and software will be required. If suitable hardware could be located (commercial or even better open hardware) then the Wireshark extcap interface could be used to feed the traffic into Wireshark.